this post was submitted on 09 Aug 2024
59 points (98.4% liked)

Cybersecurity

5685 readers
23 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Community Rules

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 1 year ago
MODERATORS
kid@sh.itjust.works
Lanky_Pomegranate530@midwest.social
59
Delta: CrowdStrike’s offer for help too little, too late (www.theregister.com)
submitted 3 months ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works
13 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] Mikina@programming.dev 3 points 3 months ago* (last edited 3 months ago) (2 children)

A Delta spokesperson said the airline "will decline to comment further." ®

Huh, did they really register that sentence? :D

Also, the CS response to the accusations should have been at the beginning, not near the end of the article, because it does provide some pretty important context, including links to LinkedIn posts from Delta board members that directly contradict most of the article:

When asked about this August 8 letter from Delta, a CrowdStrike spokesperson told The Register:

Delta continues to push a misleading narrative. CrowdStrike CEO George Kurtz called Delta board member David DeWalt within four hours of the incident on July 19th. CrowdStrike's Chief Security Officer was in direct contact with Delta's CISO within hours of the incident, providing information and offering support.

CrowdStrike's and Delta's teams worked closely together within hours of the incident, with CrowdStrike providing technical support beyond what was available on the website.

This level of customer support led Delta board member David DeWalt to publicly state on LinkedIn: "George and his team have done an incredible job, working through the night in difficult circumstances to deliver a fix. It is a huge credit to the Crowdstrike team and their leadership that many woke up to a fix already available."

I'm all for CS having consequences for what happened, but Delta so obviously lying here with literal Linkedin posts from their board members that directly contradict what they are claiming, that's just scummy.

[–] intelisense@lemm.ee 5 points 3 months ago

The A Delta spokesperson said the airline "will decline to comment further." ®

Huh, did they really register that sentence? :D

The ® is appended to all articles on The Register since I've known it, some 20 years now...

[–] thesmokingman@programming.dev 5 points 3 months ago (1 children)

The Delta board post doesn’t contradict the accusations at all. It’s possible for that person to have worked through the night and for Delta to still be overly fucked. Direct contradiction is going to involve receipts. DeWalt specifically has a vested interest in the appearance of cybersecurity success as his firm, NightDragon, is heavily invested in cybersecurity and probably upsells for CrowdStrike.

Without receipts, we just have two very shitty companies taking swings at each other in the media. We should hate both for their exploitation and wait for receipts that will come with discovery.

[–] Mikina@programming.dev 2 points 3 months ago

You are right, calling it a contradiction was not exactly accurate. Or rather - it did contradict some of the narrative that is pushed by Delta, about CS not providing any support in the first few days, which it sounds like isn't exactly true. But most of the case will indeed still need more receipts, that's true.