Share this article on:
CrowdStrike has announced that it is suing Delta Air Lines following the July global outage that allegedly saw 7,000 of the airline’s flights and the trips of 1.3 million of its passengers disrupted.
Just a week after Delta Air Lines announced that it would be seeking US$500 million in damages from CrowdStrike, the cyber security firm has responded with a lawsuit of its own.
“While we aimed to reach a business resolution that puts customers first, Delta has chosen a different path,” CrowdStrike said in a statement responding to Delta’s lawsuit.
“Delta’s claims are based on disproven misinformation, demonstrate a lack of understanding of how modern cyber security works, and reflect a desperate attempt to shift blame for its slow recovery away from its failure to modernise its antiquated IT infrastructure.”
Delta’s lawsuit claims that the “catastrophic” July outage, which was caused by a defect in an update it pushed, was deployed without testing, resulting in 8.5 million Windows devices all over the world going offline.
“If CrowdStrike had tested the faulty update on even one computer before deployment, the computer would have crashed,” said the lawsuit.
“Because the faulty update could not be removed remotely, CrowdStrike crippled Delta’s business and created immense delays for Delta customers.”
CrowdStrike, however, said that Delta delayed its own recovery by refusing assistance from it and its partner, Microsoft.
“We have filed for a declaratory judgment to make it clear that CrowdStrike did not cause the harm that Delta claims, and they repeatedly refused assistance from both CrowdStrike and Microsoft,” it said.
“Any claims of gross negligence and willful misconduct have no basis in fact.”
Microsoft has also previously joined its partner CrowdStrike in saying that the fault was with Delta Air Lines and not the cyber firm.
“Microsoft continues to investigate the circumstances surrounding the CrowdStrike incident to understand why other airlines were able to fully restore business operations so much faster than Delta, including American Airlines and United Airlines,” said lawyer Mark Cheffo.
“Our preliminary review suggests that Delta, unlike its competitors, apparently has not modernised its IT infrastructure, either for the benefit of its customers or for its pilots and flight attendants.
“Given all this, my client was surprised to see your letter. This is particularly so given that CrowdStrike has acknowledged responsibility for the content update that caused the July 19 incident.”
Reports also suggest that the systems Delta was struggling to restore were IBM, not Microsoft.