CrowdStrike says it is "highly disappointed" and rejects the claims made by Delta and its lawyers that the vendor exhibited gross negligence in the events that led to the global IT outage a little over two weeks ago.

That's according to a letter, seen by The Reg and sent to David Boies, partner at the law firm Delta hired to investigate the airline's legal options after it struggled more than most to bring its systems back online, leading to a sprawling list of flight cancellations.

The Falcon vendor reiterated its apology to Delta and the wider customer base. It then went on to remind Boies, known for his work as special counsel during the 1990s US antitrust trial against Microsoft, that it had been proactive in reaching out to Delta, offering support to the airline "within hours" of the incident unfolding.

"Delta's public threat of litigation distracts from this work and has contributed to a misleading narrative that CrowdStrike is responsible for Delta's IT decisions and response to the outage," the letter reads.

"Should Delta pursue this path, Delta will have to explain to the public, its shareholders, and ultimately a jury why CrowdStrike took responsibility for its actions - swiftly, transparently, and constructively - while Delta did not."

CrowdStrike's lawyer, Michael B. Carlinsky, then poked the bear further. He said that among other things, in this hypothetical trial Delta would also need to explain why it took so much longer than competitors to recover from the same issue, why it refused the free on-site help CrowdStrike offered - the support that led to faster recovery times than Delta's, and the operational resiliency of its IT infrastructure.

Before demanding a swathe of data to be preserved by Delta should the "unfortunate" litigation move forward, Carlinsky said CrowdStrike would "respond aggressively" to protect its customers, employees, and shareholders.

"CrowdStrike's focus remains on its customers, including Delta," the letter went on to say. "CrowdStrike hopes Delta reconsiders its approach and agrees to work cooperatively with CrowdStrike going forward, as the two sides historically have done."

The Register contacted Delta for input but it did not immediately respond.

A Crowdstrike spokesperson told The Register: "The letter speaks for itself. We have expressed our regret and apologies to all of our customers for this incident and the disruption that resulted. Public posturing about potentially bringing a meritless lawsuit against CrowdStrike as a long-time partner is not constructive to any party. We hope that Delta will agree to work cooperatively to find a resolution."

Per our reporting last week of Delta's plans to explore litigation, the airline was also looking into potentially bringing legal action against Microsoft too as systems running on its Windows OS were exclusively affected by the incident.

It made the appointment of David Boies - named partner at the New York firm Boies Schiller Flexner - even more compelling, given the lawyer's history in taking on Microsoft and winning.

Boies was special trial counsel in the Department of Justice's 1998 antitrust case against Microsoft which two years later resulted in Microsoft being found guilty on most charges related to bundling Internet Explorer with Windows, before settling on appeals in 2001.

He has also represented various other Microsoft opponents too, as well as numerous high-profile clients from the tech sphere and beyond.

As things stand

The vast majority of CrowdStrike customers are now back online and fully recovered, although the global mega outage was still being fingered for lingering issues as recently as last week.

Some users took longer to recover than others because booting into safe mode or trying to work through some of the other early recovery options on a Windows device required inputting their Bitlocker recovery key. BitLocker is Microsoft's encryption tool, which makes a Windows device's storage inaccessible without the key.

As for Crowdstrike, the security shop is now battling other issues, namely its share price the value of which continues to fall according to premarket figures today.

Shares are trading at $217.89 which is a hefty tumble compared to the price exactly a month ago - $389.68.

This is understandably not very good news for shareholders, some of whom are assembling to sue the company over its approach to rolling out updates.

The Plymouth County Retirement Association pension fund brought federal legal action against CrowdStrike last week on behalf of savers who held shares in the company between 29 November, 2023, and 29 July this year.

The lawsuit alleges CrowdStrike had not properly deployed canary testing before a phased rollout of updates as a means of preventing similar IT calamities in the future, and alleges this contributed directly led to the global outages in July.

"Since the CrowdStrike outage, publicly revealed evidence indicates that CrowdStrike was taking insufficient precautions regarding such updates," the lawsuit [PDF] alleges.

"For instance, CrowdStrike has promised to take remedial measures to ensure that such a crash does not happen again, including implementing a so-called canary deployment of such updates, meaning a progressive rollout that starts with a subset of users.

"This indicates CrowdStrike was not taking such measures prior to the CrowdStrike outage."

Responding to the development, CrowdStrike told us: "We believe this case lacks merit and we will vigorously defend the company." ®

https://www.theregister.com//2024/08/05/crowdstrike_is_not_at_all/