Microsoft and CrowdStrike counter Delta's claims for damages with accusations

The massive IT outages caused by a faulty update from security provider CrowdStrike on Microsoft systems have particularly affected Delta Air Lines, prompting the US airline to examine claims for damages. But even before this happens, Microsoft and CrowdStrike emphasize that Delta has not allowed itself to be helped. Offers of help from the two IT companies were ignored or rejected. Microsoft also pointed out that an important Delta system affected by the problems came from and was operated by other companies such as IBM. Microsoft is not responsible for this.

Delta was massively affected by the CrowdStrike problem. In the days since the incident on July 19, the airline said it had canceled over 6,000 flights. Delta was only able to report normal operations again six days after the incident. According to the company, the crew scheduling system in particular was permanently disrupted by the outage. Delta CEO Ed Bastian estimates the damage caused at up to 500 million US dollars (460 million euros). Delta Air Lines is therefore considering demanding compensation from CrowdStrike and Microsoft.

However, even before such claims are made, both CrowdStrike and Microsoft counter with accusations against the airline. CrowdStrike boss George Kurtz has repeatedly tried to contact Delta CEO Bastian, but has received no response. This is according to a letter from CrowdStrike's lawyers, reports Bloomberg. However, CrowdStrike hopes to find a solution together. However, the lawyers point out that "any liability of CrowdStrike is contractually limited to an amount in the single-digit millions".

Microsoft: Delta's IT system outdated

Microsoft is bringing out the big guns and accusing Delta Ait Lines of not having sufficiently modernized its IT technologies. Microsoft's lawyers wrote this in a letter to Delta's lawyers. Microsoft is still investigating why other US airlines such as American Airlines and United Airlines were able to recover more quickly from the IT failures than Delta. "Our preliminary review suggests that Delta, unlike its competitors, has apparently not modernized its IT infrastructure, either for the benefit of its customers or for the benefit of its pilots and flight attendants," it says.

In response, Delta felt compelled to make a statement, explaining that it has invested billions of dollars in IT since 2016, in addition to the billions spent annually on IT operating costs. Delta has "a long track record of investing in a secure, reliable and high-quality service for our customers and employees".

Microsoft's lawyers also write that Microsoft CEO Satya Nadella contacted Delta CEO Bastian by email but received no response. Microsoft employees also offered Delta help, but also without success. One Delta employee wrote back: "All good. Cool, I'll be in touch and thanks."

Crew system probably without Windows and CrowdStrike

Furthermore, the crew scheduling system highlighted by Delta itself as an example of the extent of the IT failures would not be based on Windows or Microsoft's Azure cloud. As CNBC reports, Delta has signed a multi-year contract with IBM in 2021 for a hybrid cloud architecture based on Red Hat's OpenShift software. According to them, Amazon is also Delta's preferred cloud provider.

Therefore, Microsoft's lawyers write, "it quickly becomes clear that Delta likely refused Microsoft's help because the IT system it had the most trouble recovering – the crew tracking and scheduling system – was maintained by other technology vendors, such as IBM, because it runs on those vendors' systems and not on Microsoft Windows or Azure."

Microsoft is therefore demanding that Delta disclose the extent to which IBM and Amazon systems and infrastructures were involved in the IT failures. In technical terms, Delta itself has so far only stated that the airline had to manually restart 40,000 servers.

Listen to the podcast from heise security. Episode 8 is – of course – about the CrowdStrike incident: What the company did wrong and how to prevent similar incidents in the future.

Empfohlener redaktioneller Inhalt

Mit Ihrer Zustimmmung wird hier ein externer Podcast (Podigee GmbH) geladen.

Podcasts immer laden Podcast jetzt laden

Ich bin damit einverstanden, dass mir externe Inhalte angezeigt werden. Damit können personenbezogene Daten an Drittplattformen (Podigee GmbH) übermittelt werden. Mehr dazu in unserer Datenschutzerklärung.

(fds)