Delta Air Lines is preparing to file a major lawsuit against cybersecurity firm CrowdStrike and tech giant Microsoft following a significant outage earlier this month. The incident, which occurred on July 19, was triggered by a faulty software update from CrowdStrike that affected millions of computers worldwide, including many of Delta’s systems. This resulted in the cancellation of nearly 7,000 flights and over 176,000 refund or reimbursement requests, with estimated losses for Delta ranging from $350 million to $500 million.
Delta has hired prominent attorney David Boies to pursue potential damages from CrowdStrike and Microsoft. The airline is seeking compensation for the financial losses and operational disruptions caused by the outage. The incident has also prompted the U.S. Department of Transportation to launch an investigation into Delta’s operations during the disruptions.
An Immediate Concern spurs on Investors
CrowdStrike’s stock plummeted by 25% in the two trading days following the outage, reflecting investor concern. The incident has also led to a proposed class action lawsuit by CrowdStrike shareholders, citing false and misleading claims about the company’s software testing and validation processes.
During an interview with CNBC, the CEO of Delta Air Lines, Ed Bastian, referred to Microsoft as “probably the most fragile platform” and asked the question “When was the last time you heard of a big outage at Apple?”
Delta CEO Ed Bastian has criticized both the flaw that caused the outage and CrowdStrike’s deployment processes, emphasizing the need for thorough testing and validation of software updates. He expressed concerns about the security of Microsoft’s platform and questioned the company’s ability to adapt to modern threats while maintaining a secure operating system.
Unlike Microsoft, which allows third-party applications deep access to its OS, Apple maintains strict control over its OS, preventing such issues. This was highlighted during the recent CrowdStrike outage, where Apple’s macOS was unaffected due to its architectural design that restricts third-party access to the kernel.
Furthermore, CrowdStrike itself acknowledges the superior security design of Apple’s OS. On macOS, CrowdStrike uses Apple’s Endpoint Security Framework, stating that “Falcon achieves the same levels of visibility, detection, and protection exclusively via a user space,” which is a more secure approach compared to the kernel-level access required on Windows.
This incident has led to a reevaluation of the security and reliability of different operating systems, with Apple’s macOS being seen as a more secure alternative. The recent CrowdStrike outage serves as a stark reminder of the importance of robust and secure OS design, a field where Apple has consistently excelled.
