menu

There’s an old axiom in science and statistics: correlation does not imply causation. It’s a caution against deducing too much from a seeming connection. Sometimes what walks and talks like a duck isn’t actually a duck.

Yesterday, a series of issues at major American operations all occurred around the same time and were attributed to technical glitches. United Airlines grounded all its flights; the New York Stock Exchange halted trading for about three hours; and the Wall Street Journal’s homepage read “Oops, 504!”

Many in the public and press (me included) suspected a cyber attack. It was too much coincidence, and given the persistent cyber threats to the United States and ongoing reports of hacks at public and private institutions, Wednesday’s technical issues sure smacked of an attack. Homeland Security Secretary Jeh Johnson stated that the problems were unrelated, but readers and writers continued to speculate on whether that was even true.

Well, it was true. There are some simple explanations for what happened.

United Airlines: The problem was caused by the HP/SHARES reservation system, originally purchased by Continental Airlines and acquired by United when the two airlines merged in 2010. According to industry insiders, Continental bought the HP/SHARES system because it was cheap. Unfortunately, it is also poor technology. An automation glitch in this legacy system meant United was unable to keep track of who was flying where on what. It’s why, in an attempt to get things back on track, some agents were hand-writing tickets. Flights resumed hours later, but the costs were substantial – in the neighborhood of $30 million, if not more. I wonder what a new reservation system would cost.

New York Stock Exchange: The NYSE is in the process of updating its systems, and before the market opened yesterday, the exchange was seeing problems with some of its many gateways, which are access points for stock orders. Trading volume steadily declined until 11:30 when NYSE President Thomas Farley made the call to shut down the exchange until the update problems were fixed. Like any system update or upgrade, some parts of the technology were not jiving with other parts, and gateway problems meant that traders and exchanges could not get into the NYSE to place orders. Fortunately, this did not have much of an impact on the day’s trading. Trades were just routed through other exchanges until 3 PM ET, when the NYSE came back online. The Dow did drop 261 points, but that was due to China’s stock market implosion and concerns over the Greek bailout.

Wall Street Journal: The hompage was down for computer users but not for mobile users. The rest of the website continued to work for all readers, and by 12:50 PM, everything was back to normal. The “Oops, 504!” message on the computer-viewed homepage meant the server on which WSJ is hosted was moving too slow to process HTTP requests. Websites glitch like this all the time, and this relatively minor issue would not even have received comment if it did not coincide with the issues at United and the NYSE.

Correlation is not causation, but we should have our guard up in the cyber realm. Cyber threats are relentless, and their costs are enormous. A new report from Lloyd’s estimates that the economic impact of a cyber attack on the U.S. power grid would top $1 trillion. There is every reason to be concerned that an attack on U.S. infrastructure could (and probably will) happen. We are in no way prepared to secure our systems and put them back in operation should they be compromised. The tech glitches on Wednesday are nothing compared to what the future likely holds for U.S. cybersecurity.

I’ll add, I’m sure the Internet’s conspiracy theorists will, after reading this post, peg me as a mouthpiece for Big Brother, perpetuating a false narrative. Doesn’t a mouthpiece get paid? Someone tell Big Brother I haven’t yet received my millions and a guaranteed spot in the Cheyenne Mountain Complex when the apocalypse arrives.

Justin Hienz is Editor for Security Debrief. He blogs primarily on radicalization, aviation security, religious and Middle Eastern affairs, and communications. Read More