CrowdStrike chief called to testify over global Microsoft IT outage
A US Congressional committee has called on CrowdStrike’s chief to testify at a hearing about the cybersecurity firm’s role in the global tech outage that brought flights, banks, and hospital procedures to a halt.
On Friday, a major tech outage embroiled the world in chaos as computers running Microsoft Windows began to show the “blue screen of death”, which later became clear was due to a faulty update to a CrowdStrike software.
The outage led to over 3,000 flights cancelled in the US alone and nearly 12,000 delayed, leaving passengers stranded.
It also caused surgery cancellations and disruptions to emergency call centres, according to the House Homeland Security Committee which has called on CrowdStrike boss George Kurtz to testify over the incident.
Experts say it may take days, or even weeks, to resolve the chaos caused by the outage across sectors, requiring millions of labour hours.
“Recognizing that Americans will undoubtedly feel the lasting, real-world consequences of this incident, they deserve to know in detail how this incident happened and the mitigation steps CrowdStrike is taking,” representative Mark Green, the Republican chairman of the Homeland Security Committee, said in a letter to the CrowdStrike boss.
The outage highlights the problems posed by companies relying heavily on a small group of firms to run and maintain their digital infrastructure.
CrowdStrike assured the public that the outage was “not a security or cyber incident”, but caused due to a faulty update to the company’s security software for Microsoft Windows.
Microsoft said the incident shows “the interconnected nature” of the global tech ecosystem.
“We are relieved that you confirmed that this is not a security incident or cyberattack. However, this incident must serve as a broader warning about the national security risks associated with network dependency,” Mr Green wrote.
“Protecting our critical infrastructure requires us to learn from this incident and ensure that it does not happen again,” he said, adding that “malicious cyber actors” backed by countries like China and Russia would be watching the US response to the tech outage closely.
Representative Ritchie Torres, a Democrat from New York, pushed for cyber security reforms after the CrowdStrike tech outage.
The House committee called on the CrowdStrike chief for a hearing with the Subcommittee on Cybersecurity and Infrastructure Protection “by no later than 5.00pm on Wednesday, 24 July, 2024”.
A CrowdStrike spokesperson said the company “is actively in contact with relevant Congressional Committees”.