More than two months after a flawed update from CrowdStrike Holdings set off a IT outage — crashing millions of Windows computers, grounding planes and halting bank and other business operations around the globe — a high-level executive from the company is set to deliver an apology on Capitol Hill.
“On July 19, we let our customers down,” Adam Meyers, CrowdStrike’s senior vice president for counter adversary operations, stated in prepared testimony to be delivered before a House subcommittee. “We are deeply sorry this happened and are determined to prevent it from happening again.”
The global cybersecurity firm that provides antivirus software to Microsoft for its Windows devices pushed out a content configuration update for its Falcon Sensor security software that triggered system crashes worldwide, according to the remarks prepared for Meyers’ testimony before the House Homeland Security subcommittee on Cybersecurity and Infrastructure Protection subcommittee.
New detection configurations had been validated on July 19, but were “not understood by the Falcon sensor’s rules engine, leading affected sensors to malfunction until the problematic configurations were replaced,” according to Meyers’ statement.
CrowdStrike has since taken multiple steps to improve its deployment processes to ensure such an incident does not happen again, he said.
Delta Air Lines has threatened to take CrowdStrike to court over the devastating outage, saying it had to cancel 7,000 flights over five days, costing the carrier $500 million. CrowdStrike has rejected the allegations, saying Delta was trying to blame CrowdStrike for its own response to the outage.