Lessons from Delta’s crisis offense

Tom Corfman is an attorney and senior consultant with Ragan Consulting Group.

After a computer network outage crippled Delta Airlines for five days in July, CEO Ed Bastian employed a strategy more often linked to the football field than crisis management: The best defense is a good offense.

A defective update ironically to CrowdStrike’s antivirus software on July 18, 2024, brought down Microsoft Windows networks worldwide, touching every industry, including airlines, which began canceling thousands of flights. But only Delta launched a PR barrage against the cybersecurity firm, which had quickly admitted its responsibility, as well as against Microsoft.

The nation’s second largest carrier launched its attack by publicly hiring prominent attorney David Boies to sue the two vendors. (Among other cases, Boies is known for representing former Vice President Al Gore in the U.S. Supreme Court case, Bush v Gore, which decided the 2000 presidential election; and for successfully overturning Proposition 8, California’s ban on same-sex marriage, in 2013.)

Then, Delta brought out its big gun, Bastian, who scorned CrowdStrike and Microsoft in an interview on CNBC.

The sound strategy would be to acknowledge the problem, apologize, fix it and move on. Delta did that and then came out swinging. Maybe because the stakes were too high.

The estimated financial cost of the outage, more than $500 million, could be exceeded by the damage to the reputation of Delta, with 2023 revenue of $54.7 billion.

Bastian is advised by a communications team that would be the envy of many major corporations. His public relations strategy was likely driven by the fact that Delta took longer to recover from the outage than its competitors.

Corporate communicators will closely study Delta’s PR moves, asking questions such as: Did the company adequately explain the reason for the lengthy delay? Did it do so in a timely manner? Did the company divert media attention away from Delta and back on CrowdStrike and Microsoft? Or did Delta merely prolong coverage of an embarrassing and costly chapter?

We don’t know enough yet to answer these questions, but a review of the events can help us start thinking about them.

The outage
The computers began crashing on the evening of Thursday, July 18, when Microsoft reported that its networks were crashing, according to CNN. At 3:54 a.m. the next morning, Delta said it had grounded all its flights. About an hour later, CrowdStrike CEO George Kurtz posted a message on social media saying a company software update had caused networks to crash.

On the busiest travel weekend of the summer, air travel came to a halt.

By Monday, July 22, most carriers had recovered except Delta, the Associated Press reported. The company didn’t resume normal operation until the morning of July 25, after canceling more than 7,000 flights.

Delta’s initial response
The company posted 13 updates to its news site from July 19 to July 25. In statements, Bastian apologized on July 21 and 24.

As part of his first apology, Bastian explained that the company’s Windows-based crew-tracking software, which schedules flight teams with available planes, was “unable to effectively process the unprecedented number of changes triggered by the system shutdown.”

The company promptly offered their customers refunds, reimbursements for out-of-pocket expenses and credits for their loyalty program.

Bringing in Boies
Delta fired its first shot on July 29, when CNBC reported that evening that the company had hired Boies, 83. The next day, the news media began reporting on Boies’ hiring and letters from him to CrowdStrike and Microsoft written the day before.

The interview
Two days later, Bastian renewed the attack during a friendly interview on “Squawk Box,” on CNBC.

Cohost Andrew Ross Sorkin, also a New York Times financial columnist, began by praising Delta’s “amazing” passenger lounge in John F. Kennedy International Airport in New York.

During the interview on July 31, Sorkin did not press Bastian as he stated his case:

• “The issue is exactly … at Microsoft and CrowdStrike and we are heavy with both. We’re by far the heaviest in the industry with both. And so, we got hit the hardest in terms of the recovery capability.”
• “Microsoft and CrowdStrike are the top two competitors around cyber with each other. So, they don’t necessarily partner at the same level that we need them to.”
• “We have no choice” but to sue.
• “If you’re going to be having access, priority access to the Delta ecosystem in terms of technology, you’ve got to test this stuff… You can’t come into a mission critical 24/7 operation and tell us we have a bug.”
• “They haven’t offered anything. Free consulting advice to help us. Right. Exactly so. But that’s, that’s the extent of it.”
• “My sense is they’re [Microsoft] probably the most fragile platform within that space. When was the last time you heard about a big outage at Apple?”

Sorkin returned to the Delta lounge during the last minute of the 6:34 interview, which was widely covered.

Unintended consequences?
The story began to quiet down until reporters got hold of a response by CrowdStrike’s lawyer to Boies’ July 29 letter.

Delta will have to explain why its “competitors, facing similar challenges, all restored operations much faster,” wrote Michael Carlinsky, a partner with law firm Quinn Emanuel Urquhart & Sullivan, one of the 20 largest law firms in the U.S.

CrowdStrike’s CEO personally offered assistance to Bastian, but the Delta CEO did not respond, Carlinsky wrote in an August 4 letter. Delta’s IT team turned down assistance from CrowdStrike that other airlines accepted, he added.

Carlinsky denied that CrowdStrike had been grossly negligent, the standard for legal liability in such cases.

Not to be left out, Microsoft’s lawyer sent a fiery response to Boies’ letter on August 6.

“Our preliminary review suggests that Delta, unlike its competitors, apparently has not modernized its IT infrastructure, either for the benefit of its customers or for its pilots and flight attendants,” wrote Mark Cheffo, a partner with Dechert, another huge law firm.

Bastian did not reply to an email from Microsoft CEO Satya Nadella offering the company’s help, Cheffo added. Delta’s IT team also turned down other offers from Microsoft.

Not content to leave it there, Boies responded with another letter, accusing CrowdStrike of mounting a “blame the victim” defense. And Bastian told the Wall Street Journal the offers of assistance came after Delta was solving the problem on its own.

The General
During its initial response, Delta acknowledged that its recovery from the outage was slow, but didn’t admit what everybody already knew: Its response was slower than its competitors. Such an admission would have increased the credibility of Bastian’s apologies.

Its attack on CrowdStrike drove home what that company had already admitted. Even if Bastian was successful shifting public perception of the blame, the charges may raise other questions down the road. Who hired them? And who was supervising them?

Customers, employees and shareholders will hold the CEO ultimately responsible.

“It’s been a wakeup call for me,” Bastian said during the CNBC interview. Maybe he should have asked the front desk for an earlier call.

Even if he was successful shifting public perception, it came at a cost of extending coverage of the debacle for 12 days. Lawsuits will spark more coverage.

Although Delta’s apparent strategy, “The best defense is a good offense,” is often associated with football coaches, it was popularized by boxer Jack Dempsey, world heavyweight champion from 1919 to 1926.

The concept dates back at least to a letter George Washington wrote in 1799 to John Trumbull, an artist and his former aide-de-camp during the Revolutionary War.

After he left office, Washington wrote, “Offensive operations, often times, is the surest, if not the only (in some cases) means of defense.”

Perhaps Bastian’s strategy was his only means of defense.

 Follow RCG on LinkedIn.