US lawmakers have called on CrowdStrike CEO George Kurtz to testify on Capitol Hill and explain in detail the events leading up to last Friday’s global tech outage.
The US House of Representatives Homeland Security Committee sent an official letter to Kurtz on Monday to “respectfully request” the CEO’s public testimony, citing “the urgency and global scale of this incident.”
The outage, which affected 8.5 million Microsoft Windows devices, was said to be caused by the release of an untested security software patch sent out by CrowdStrike to its customers on Thursday.
By Friday, CrowdStrike customers around the world running Microsoft Windows OS – including those in the airline, banking, media, healthcare, and emergency services sectors – began to experience system meltdowns with computers crashing and showing the infamous Blue Screen of Death (BSOD).
Addressed to Kurtz using CrowdStrike’s Austin, Texas headquarters address, the letter gives the CEO until Wednesday (July 24th) at 5:00 p.m. ET to schedule a hearing, even providing a staff phone number to do so.
“While we appreciate CrowdStrike’s response and coordination with stakeholders, we cannot ignore the magnitude of this incident, which some have claimed is the largest IT outage in history,” the letter said.
The letter went on to say that the American people “deserve to know” how the event unfolded and the steps taken to mitigate the damage.
The outage and subsequent aftermath, which some companies, such as Delta Air Lines, are still dealing with, has raised questions on how to prevent this type of incident from happening again, as well as the dangers of having so many companies using cybersec software from the same company without diversifying products.
Security insiders are also now warning of threat actors capitalizing on the chaos, with an expected influx of CrowdSrike-related phishing attacks, fake websites, and other nefarious scams to take place during the recovery period.
The lawmakers described how the massive outage only highlights the “national security risks associated with network dependency.”
“Malicious cyber actors backed by nation-states, such as China and Russia, are watching our response to this incident closely,” the lawmakers wrote.
“Protecting our critical infrastructure requires us to learn from this incident and ensure that it does not happen again,” they said.
NEW: Chairmen @RepMarkGreen & @RepGarbarino sent a letter to CrowdStrike Chief Operations Officer George Kurtz, requesting his public testimony before the Committee regarding the global information technology outage that occurred last Friday.https://t.co/FYi8Tu2omI
undefined House Homeland GOP (@HomelandGOP) July 23, 2024
A spokesperson for the cybersecurity vendor responded to the release of the letter stating that "CrowdStrike is actively in contact with relevant Congressional Committees. Briefings and other engagement timelines may be disclosed at members' discretion."
The action was led by two House Republicans, Committee Chairman Mark Green, MD., of Tennessee, and Cybersecurity and Infrastructure Protection Subcommittee Chairman Andrew Garbarino of New York, who both signed the document.
Your email address will not be published. Required fields are markedmarked