CrowdStrike Exec Sorry for Outage that Congress Dubbed a 'Catastrophe'

A senior executive from CrowdStrike issued an apology to the U.S. House of Representatives Tuesday in response to the July software update that caused a massive outage for Microsoft Windows users.

Adam Meyers, senior VP for counter adversary operations at CrowdStrike, testified before a House subcommittee to address the outage and its international implications. The July 19 CrowdStrike software update ground to a halt many banks, airlines and other operations around the globe.

"On July 19, we let our customers down," Meyers said in prepared testimony before the House Homeland Security Cybersecurity and Infrastructure Protection subcommittee. "We are deeply sorry this happened and are determined to prevent it from happening again." 

"We cannot allow a mistake of this magnitude to happen again," House Homeland Security Committee chair Mark Green (R-TN) said, noting how the events were a "catastrophe we would expect to see in a movie."

CrowdStrike released an update of its Falcon Sensor security software on July 19, Meyers said, but that update was "not understood by the Falcon Sensor's rules engine, leading affected sensors to malfunction until the problematic configurations were replaced." That led to a massive content collapse.

That's why CrowdStrike has adjusted its product update policies so that customers can choose if and when they receive new updates, Meyer said. The vendor has also been cooperating with federal agencies to provide "transparency and visibility into everything that's occurring."

Related:CrowdStrike Symposium: Partners Driving Innovation, Growth

Meyer denied that AI may have been involved in releasing the software update. That didn't stop lawmakers from expressing their fears about the technology and what it could mean for their industry.

"AI scares me," Rep. Carlos Gimenez (R-FL) told Meyer. "Because the only defense against AI in the future — I mean, if it gets totally mature and it just starts writing code ... you have to have AI on your side that writes the counter code just as fast … I can see this as being a tremendous problem."

Aftermath of CrowdStrike Outage

The results were felt by companies across the world, leading to some threatening legal action. Delta Airlines threatened to take CrowdStrike to court over the outage after it had to cancel 7,000 flights over a five-day period. CrowdStrike denies responsibility for the cancelations, alleging that Delta is blaming its own choices on the software failure.

The outage forced CrowdStrike to adjust its revenue and profit forecasts, and the company noted that it expects to see several challenges in the future due to the outage.