CrowdStrike to apologize for global IT outage in congressional testimony

A CrowdStrike senior executive will apologize for causing a global software outage that ground the operations of hospitals, airports, payment systems and personal computers around the world to a halt in July.

Adam Meyers, senior vice-president for counter adversary operations at CrowdStrike, is slated to testify before Congress on Tuesday. Meyers will speak to the House homeland security cybersecurity and infrastructure protection subcommittee. In testimony made available before the hearing, he wrote: “I am here today because, just over two months ago, on July 19, we let our customers down … On behalf of everyone at CrowdStrike, I want to apologize.” He will say the company has undertaken “a full review of our systems” to prevent the cascade of errors from occurring again.

The global software outage, which delayed flights and medical procedures and caused computers worldwide to display Microsoft’s famous “blue screen of death”, was first thought to be the result of a sophisticated and malicious cyber-attack against the maker of Windows. The actual explanation, however, brought to mind Hanlon’s Razor: CrowdStrike had published an update to its Falcon Sensor software, meant to detect and contain cybersecurity threats, which crashed roughly 8.5m computers running Windows instead.

Meyers will testify that the company takes full responsibility for the crashes: “The July 19 incident stemmed from a confluence of factors that ultimately resulted in the Falcon sensor attempting to follow a threat detection configuration for which there was no corresponding definition of what to do.”

This post was originally published on this site