“On behalf of everyone at CrowdStrike, I want to apologize,” CrowdStrike Senior Vice President Adam Meyers said during opening remarks at a House hearing Tuesday. “We are deeply sorry this happened and are determined to prevent it from happening again.”
Meyers’s appearance before the House Homeland Security Subcommittee on Cybersecurity and Infrastructure marked the only hearing so far scheduled to discuss CrowdStrike’s botched July 19 update, which crashed computers running Windows software and prompted a global outage.
Thousands of flights were canceled or delayed due to the outage, while hospitals, emergency services and some government offices were also impacted. The incident sparked scrutiny of the cybersecurity firm and how foreign adversaries could take advantage of these sorts of vulnerabilities.
“The sheer scale of this error was alarming. A routine update could cause this level of disruption – just imagine what a skilled and determined nation-state actor could do,” subcommittee chair Rep. Andrew Garbarino (R-N.Y.) said in opening remarks.
Meyers emphasized the July outage was not a cyberattack from foreign threat actors.
“This incident was caused by a CrowdStrike rapid response content update that was focused on addressing new threats,” he said, adding the company is focused on increasing transparency and “learning” from the failed update.
“We have undertaken a full review of our systems and begun implementing plans to bolster our content update procedures so that we emerge from this experience as a stronger company,” he said. “I can assure you that we will take the lessons learned from this incident and use them to inform our work as we improve for the future.”
Read more in a full report at TheHill.com.
