Delta Refutes CrowdStrike’s Claims, Says Offer of Help Came Too Late



Skift Take

In the latest tit-for-tat between Delta, CrowdStrike and Microsoft, Delta is claiming that CrowdStrike’s offer of onsite assistance came after it restored most of its critical systems.

Delta Air Lines fired back at CrowdStrike Thursday, saying the cybersecurity firm is taking a “blame the victim” defense.

In a letter sent to CrowdStrike’s attorney, Delta’s lawyer David Boies said CrowdStrike failed to provide an “automatic” solution to resolve an IT outage that eventually turned into a meltdown for Delta. 

“There is no basis — none — to suggest that Delta was in any way responsible for the faulty software that crashed systems around the world, including Delta’s,” Boies wrote. CrowdStrike has not suggested that Delta was responsible for the July 19 outage, but that it shouldn’t be blamed for Delta’s five day-long meltdown. 

While other airlines recovered quickly from the July 19 CrowdStrike outage, it took Delta much longer to bounce back. The carrier canceled around 7,000 flights. 

Delta is now expecting to take a $380 million revenue hit during the third quarter, according to a regulatory filing posted Thursday. The carrier will also incur $170 million in expenses related to customer reimbursements and crew costs. 

CEO Ed Bastian told CNBC’s “Squawk Box” last week that the carrier had “no choice” but to sue CrowdStrike and Microsoft. 

Boies’ letter refutes most of the claims from CrowdStrike. However, the letter does not directly address Microsoft’s claims. Microsoft’s attorney sent a letter to Delta on Tuesday that claimed outdated technology most likely caused Delta’s meltdown. 

“Rather than continuing to try to evade responsibility, I would hope that CrowdStrike would immediately share everything it knows,” Boies’ letter read. “It will all come out in litigation anyway.”

Delta Claims CrowdStrike Wasn’t Proactive

CrowdStrike said on Monday that it offered Delta onsite assistance for the meltdown, but Delta refused. The cybersecurity firm’s lawyer also said that its CEO contacted Bastian, but got no response. 

Now, Delta is claiming that CrowdStrike CEO George Kurz’s offer of help was “unhelpful and untimely.” Boies wrote that the offer came four days after the IT outage and by that time, Delta had already restored most of its critical systems. 

“Many of the remaining machines were located in secure airport areas requiring government-mandated access clearance,” the letter read. “By that time Delta’s confidence in CrowdStrike was naturally shaken.”

Delta is also claiming that CrowdStrike did not proactively offer onsite assistance. Instead, the carrier said CrowdStrike referred it to a website that suggested to manually reboot every single affected machine.  

CrowdStrike said Kurz called Delta board member David DeWalt four hours into the July 19 outage and the company’s chief security officer was in contact with their counterpart at Delta. CrowdStrike also said its teams and Delta’s “worked closely together within hours of the incident.” The cybersecurity firm added that it offered more assistance beyond the website.

“Delta continues to push a misleading narrative,” a CrowdStrike spokesperson said in a statement.

Boies said that when CrowdStrike offered an automated solution July 21, the company also introduced another bug that “prevented many machines from recovering without additional intervention.”

Delta Says It’s More Reliant on Microsoft and CrowdStrike

Delta’s lawyer said the carrier’s longer recovery time was due to the fact that it’s more reliant on CrowdStrike and Microsoft than other airlines. Around 60% of Delta’s “mission-critical” applications, including back-ups, rely on CrowdStrike and Microsoft, the letter said. 

“Delta’s reliance on CrowdStrike and Microsoft actually exacerbated its experience in the CrowdStrike-caused disaster,” the letter read. 

Another issue for Delta during the meltdown was that it couldn’t get in touch with crew members. Delta previously said its crew scheduling systems needed a longer time to synchronize. Boies’ letter said CrowdStrike’s July 19 software update caused such a significant backlog in Delta’s crew scheduling systems that it needed human intervention to be resolved. 

See CrowdStrike’s full statement below:

“Delta continues to push a misleading narrative. CrowdStrike CEO George Kurtz called Delta board member David DeWalt within four hours of the incident on July 19th. CrowdStrike’s Chief Security Officer was in direct contact with Delta’s CISO within hours of the incident, providing information and offering support. CrowdStrike’s and Delta’s teams worked closely together within hours of the incident, with CrowdStrike providing technical support beyond what was available on the website. This level of customer support led Delta board member David DeWalt to publicly state on LinkedIn [linkedin.com]: “George and his team have done an incredible job, working through the night in difficult circumstances to deliver a fix. It is a huge credit to the Crowdstrike team and their leadership that many woke up to a fix already available.”

Airlines Sector Stock Index Performance Year-to-Date

What am I looking at? The performance of airline sector stocks within the ST200. The index includes companies publicly traded across global markets including network carriers, low-cost carriers, and other related companies.

The Skift Travel 200 (ST200) combines the financial performance of nearly 200 travel companies worth more than a trillion dollars into a single number. See more airlines sector financial performance. 

Read the full methodology behind the Skift Travel 200.



Source link

About The Author

Scroll to Top