CrowdStrike, a cybersecurity firm, is currently facing threats of a lawsuit by Delta Air Lines following a software update failure that led to over 6,300 flight cancellations between Delta and its subsidiary Endeavor, resulting in an estimated $500 million in damages. Delta CEO Ed Bastian appeared on CNBC to discuss the situation, stating that the carrier would be left with no choice but to take legal action against CrowdStrike.
In response to the threats of a lawsuit, CrowdStrike sent a letter to Delta’s attorney, David Boies, defending their actions. The cybersecurity firm claimed that they had immediately reached out to Delta following the incident to offer assistance and remediation options. Despite their efforts, Delta CEO Ed Bastian mentioned that CrowdStrike should have conducted thorough testing of their technology before implementing it in critical operations.
Delta accused CrowdStrike of negligence and failure to properly test and validate their software, leading to the widespread outage. However, CrowdStrike’s attorney, Michael Carlinsky, disputed these claims, arguing that Delta’s competitors who also used CrowdStrike’s security systems were able to restore their operations much faster. He also pointed out that CrowdStrike’s liability to Delta is limited to single-digit millions as per their contract.
The CrowdStrike outage had global ramifications, crashing Microsoft Windows operating systems worldwide. Delta, being heavily reliant on both CrowdStrike and Windows, suffered the most from the failure despite having invested significant amounts in redundancies. The airline had to manually reset 40,000 servers during the recovery process, highlighting the extent of the damage caused by the software update failure.
The dispute between CrowdStrike and Delta Air Lines underscores the importance of thorough testing and validation in critical operations. Cybersecurity firms must ensure that their technologies are reliable and effective to prevent costly outages and disruptions. As the two parties continue to engage in negotiations and potential legal actions, it remains crucial for companies to prioritize cybersecurity measures to safeguard their operations and mitigate risks associated with software failures.
Napsat komentář