Crowdstrike caused a global computer meltdown — people at the Black Hat cybersecurity conference can’t get enough of its swag
Elvis, Britney, and Cher all found redemption in Las Vegas after going through a rocky phase.
This week, it was Crowdstrike's turn.
The embattled cybersecurity company, whose buggy software update brought much of the world to a standstill last month, is enjoying a moment of strange cultural cachet at the annual Black Hat security conference, as throngs of visitors flock to its booth to snap selfies and load up on branded company shirts and other swag.
"My friend says I have to get one," one person waiting in line by the Crowdstrike booth told Fortune, referring to the collectible figurines the company was offering.
For many, the newfound notoriety of the Crowdstrike name is part of the appeal.
Frank Flanagan, a senior security engineer for a large west coast chain of convenience stores and fuel stations, clad in a colorful shirt and cowboy hat, told Fortune he was in line strictly to get his hands on a figurine.
“I hope it will be worth more after a year,” he chuckled, and joked that the value would be even greater if the company were to go out of business as a result of the legal woes stemming from the flawed software update.
Crowdstrike's stock has plunged roughly 40% since the incident, which caused computers running Microsoft Windows to display the dreaded “blue screen of death,” grounding thousands of flights and freezing systems at banks and hospitals around the globe. Delta has said Crowdstrike is solely responsible for cancelled flights that it claims cost it more than $500 million.
While many Black Hat attendees found amusement in the company's brush with public notoriety, most of the people that Fortune spoke to at the event believed Crowdstrike was a solid and reputable company despite the incident. One Crowdstrike customer, a security professional at a restaurant chain, said he was very happy with the company’s response to the outage and that his company was quickly up and running again. Other attendees collectively shrugged at the idea that Crowdstrike could be blamed for a problem with a routine update that could happen to any of the security companies deeply intertwined with Microsoft Windows.
Steve Black, a professor of law and cybersecurity at Texas Tech University, pointed out that Delta’s argument against Crowdstrike is not a slam-dunk. There is a significant legal question about how much responsibility a business has for its own resilience, he said.
“Courts have been divided over the nature of digital harms,” said Black. “Does a plaintiff have to show financial harm to win?” A legal case will hinge on how dependent Delta was on the systems affected by the update, what its service agreement with Crowdstrike said, and what Delta’s remediation looked like. “If I delay, I may be responsible for some of the losses,” he said.
A CEO apology and hot-pressed T-shirts
If the Crowdstrike name seemed to be everywhere at the Black Hat conference, it wasn't entirely due to the news cycle. In an ironic twist, Crowdstrike is one of the top sponsors of this year's annual conference, eliciting occasional chuckles as its name is announced during panel sessions and displayed on large billboards.
“Adversaries aren’t stopping. Neither are we,” proclaims one oversized Crowdstrike advertisement above the indoor walk to the Mandalay Bay hotel conference convention center. “Resilience starts with us. Our focus remains with you.”
George Kurtz, the Crowdstrike CEO, spoke during a panel at the event and apologized to the audience for the debacle, according to the Washington Post. “George’s comments were brief but well said,” someone in the audience told the Post, noting that the comments got a warm reception, “which surprised me, given how critical the security community can be.”
The Crowdstrike incident was a frequent topic during the opening keynote panel session featuring Jen Easterly, the director of the U.S. Cybersecurity and Infrastructure Security Agency. Easterly said the widespread outage reinforced the need for "cyber resiliency" and diligent testing and designing by tech vendors.
Jerry Layden, CEO at CyberSaint, told Fortune that the stakes are high when it comes to placing blame for the outage, since the scale of the economic impact is so big. His company’s analysis estimated operational costs of the outage reaching $5 billion for the Fortune 500 alone.
Layden believes that Delta has some culpability for its losses. “They have to take some responsibility for understanding their environment, understanding where their biggest risks are,” he said, pointing out that most organizations think most about being attacked as the biggest cyber risk, but flaws in software updates can also impact the entire business. “Throwing it all on Crowdstrike is not fair.”
Others pointed out that Microsoft should take their fair share of the blame for the outage, which many say was caused by the design of Windows in its core architecture that leads to malware, spyware and driver instability. “Microsoft should not be giving any third party that level of access,” said Eric O’Neill, a cybersecurity expert, attorney and former FBI operative. “Microsoft will complain, well, it's just the way that the technology works, or licensing works, but that's bullshit, because this same problem didn't affect Linux or Mac. And Crowdstrike caught it super-early.”
Back at the Crowdstrike booth, staffers busily operated machines to create custom-pressed shirts at the "T-Shirt bar," while others handed out small boxes containing the coveted figurines. The figurines, dubbed "Aquatic Panda" and "Scattered Spider," represent famous hacker groups and cyber criminals.
One security researcher in line said he didn't know what the collectibles were, but had heard they were a hot item. Then again, the researcher added, as if to avoid setting his expectations too high, "they probably aren't anything fancy." After all, he said, "the company lost like 40% of its stock."
This story was originally featured on Fortune.com