Crowdstrike is to be hauled before the US House Homeland Security Committee this month to explain why its faulty software update - the one that took down millions of computer systems worldwide - ever happened.
CrowdStrike hires outside security outfits to review troubled Falcon code
READ MORE
However, instead of CEO George Kurtz being called to testify in the subcommittee hearing on September 24, Adam Meyers, Crowdstrike senior veep of counter adversary operations, is to take to the hot seat.
In July, public testimony from Kurtz was requested. The Register asked CrowdStrike why the top dog wouldn't be present and was told: "We continue to actively and collaboratively work with relevant Congressional Committees. Briefings and other engagement timelines may be disclosed at Members' discretion."
Confirmation of the hearing came at the end of last week, shortly after CrowdStrike reported Q2 figures for FY 2025 ended July 31, where it registered a 32 percent increase in revenue although conceded there would be a bit less in the pot for the rest of the financial year. Guidance of between $3.98 billion and $4.01 billion was cut in light of the July incident.
- CrowdStrike file update bricks Windows machines around the world
- Angry admins share the CrowdStrike outage experience
- The months and days before and after CrowdStrike's fatal Friday
- CrowdStrike Windows patchpocalypse could take weeks to fix, IT admins fear
- CrowdStrike fiasco highlights growing Sino-Russian tech independence
- EU gave CrowdStrike the keys to the Windows kernel, claims Microsoft
- CrowdStrike update blunder may cost world billions – and insurance ain't covering it all
Microsoft plans to hold a security summit in September, which will doubtless cover the CrowdStrike fiasco. We'd love to tell you more, but the press isn't invited. Transparency? Redmond's heard of it.
Still, the House Homeland Security Committee hearing will be an opportunity for a CrowdStrike exec to be quizzed about what the company intends to do to prevent a repeat of the incident, which took out approximately 8.5 million Windows devices and doubtless resulted in a lot of overtime for administrators as IT staff worked to undo the damage.
Subcommittee chairman Andrew Garbarino said: "While the outage was not due to a threat actor, we know our adversaries and opportunistic criminals have been watching closely. They have learned how a faulty software update can trigger cascading effects on our critical infrastructure. It's important the public and private sectors work together to mitigate risk going forward."
Too late now for canary test updates, says pension fund suing CrowdStrike
READ MORE
House Homeland Security Committee chairman Mark E Green said: "Considering the significant impact CrowdStrike's faulty software update had on Americans and critical sectors of the economy – from aviation to medical services – we must restore confidence in the IT that underpins the services Americans depend on daily.
"Recognizing that Americans will undoubtedly feel the lasting, real-world consequences of this incident for some time, they deserve to know in detail how this incident happened and the mitigation steps CrowdStrike is taking to avoid the cascading impacts of outages like this across sectors." ®