Compensation for global IT outage victims unclear
As the global IT outage caused by a faulty update from United States-based CrowdStrike continues to affect businesses worldwide, questions are emerging about potential compensation. Experts suggest, however, that the cybersecurity company may not face significant financial liability, because losses are hard to prove and insurance is likely to cover much of the cost.
Friday's incident led to widespread disruption across sectors including aviation, broadcasting, and healthcare. Additionally, millions of Microsoft Windows devices failed to start.
Although the incident caused chaos, CrowdStrike's stock price showed resilience, indicating investor confidence in the company's ability to weather the crisis and maintain its market position.
The aviation industry appears to be the most severely impacted by the IT outage and is facing potentially heavy losses. Analysis from Sky News detailed that while insurers have suffered significant stock price declines, their response may be limited.
Drawing from the COVID-19 pandemic experience, where many businesses were denied payouts due to policy wording, it is uncertain whether losses from this event are even covered by insurance, wrote Sky's business presenter Ian King.
Where coverage exists, it will likely be under specific cyber policies covering income loss due to third-party service interruptions, he said.
According to CrowdStrike's terms and conditions for its Falcon security software, which is widely used by companies and government agencies globally, the company's financial responsibility is capped at "fees paid", reported the Business Insider news website.
Elizabeth Burgin Waller, a cybersecurity legal expert, explained that this means affected users who agreed to these standard terms can expect no more than a refund, regardless of the extent of damage or lost revenue their businesses may have suffered.
"Even if they did cover that lost revenue or downtime, they limit the recovery against CrowdStrike to fees paid," Waller told Business Insider. "So, whatever I paid for fees to CrowdStrike, that's what the limitation of liability would be."
In a social media post on Sunday, CrowdStrike reported progress in addressing the consequences of the malfunction that one leading cybersecurity expert described as "the largest IT outage in history".
Avoid 'unofficial code'
Experts suggest the faulty software update that triggered the global IT outage likely bypassed standard checks before deployment.
The problematic update to CrowdStrike's Falcon sensor software, released Friday, caused affected devices to display a "blue screen of death" due to faulty code.
Steve Cobb, chief security officer at Security Scorecard, told Sky: "What it looks like is, potentially, the vetting or the sandboxing they do when they look at code, maybe somehow this file was not included in that or slipped through."
Cyber intelligence agencies have warned of malicious websites offering "unofficial code" to fix ongoing issues from the IT outage, reported the Financial Times newspaper.
CrowdStrike CEO George Kurtz cautioned users to verify official sources before downloading fixes.
"We know that adversaries and bad actors will try to exploit events like this," Kurtz said in a blog post.
Cybersecurity expert Troy Hunt added: "An incident like this that has commanded so many headlines and has people worried is a gift to scammers."