iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Delta Air Lines has sued cyber firm CrowdStrike for the July software update that caused flight disruptions.
In July, CrowdStrike pushed a Falcon update that contained a defect for Windows hosts, causing the systems of a wealth of major organisations like Woolworths, Coles, Service NSW, Visa, and many more.
Additionally, a large number of major airlines suffered outages, causing flights to be delayed or cancelled. For Delta Air Lines alone, 7,000 flights were disrupted, 1.3 million travellers had their plans disrupted, and losses exceeded US$500 million, with the company saying over the five-day period alone, it estimated to have lost US$380 million.
Delta Air Lines has previously said it would seek damages from CrowdStrike and Microsoft.
CrowdStrike has previously said it would “respond aggressively” to any litigation brought against it, claiming it had minimal liability for the incident.
Now, Delta Airlines has filed for damages in the Fulton County Superior Court, calling the update “catastrophic”.
“If CrowdStrike had tested the faulty update on even one computer before deployment, the computer would have crashed,” said the lawsuit.
“Because the faulty update could not be removed remotely, CrowdStrike crippled Delta’s business and created immense delays for Delta customers.”
Delta is seeking US$500 million in out-of-pocket damages and an unspecified amount to cover expenditures like attorneys fees, as well as lost profits as a result of “reputational harm and future revenue loss”.
On Friday last week, CrowdStrike claimed that Delta Air Lines was attempting to move the blame off itself and onto the cyber firm.
“Delta’s claims are based on disproven misinformation, demonstrate a lack of understanding of how modern cyber security works, and reflect a desperate attempt to shift blame for its slow recovery away from its failure to modernise its antiquated IT infrastructure,” it said.
Microsoft has also previously joined its partner CrowdStrike in saying that the fault was with Delta Air Lines and not the cyber firm.
“Microsoft continues to investigate the circumstances surrounding the CrowdStrike incident to understand why other airlines were able to fully restore business operations so much faster than Delta, including American Airlines and United Airlines,” said lawyer Mark Cheffo.
“Our preliminary review suggests that Delta, unlike its competitors, apparently has not modernised its IT infrastructure, either for the benefit of its customers or for its pilots and flight attendants.
“Given all this, my client was surprised to see your letter. This is particularly so given that CrowdStrike has acknowledged responsibility for the content update that caused the July 19 incident.”
Reports also suggest that the systems Delta was struggling to restore were IBM, not Microsoft.
Be the first to hear the latest developments in the cyber industry.
