Last week the NYSE was shut down for trading for nearly four hours. The official explanation was a technical glitch. Of course, it was the worst glitch in nearly two centuries of trading activity. The last glitch worth mentioning was in 2001 when the exchange was down less than 90 minutes. Almost immediately the government and the exchange ruled out any form of cyber attack.
What makes the NYSE incident more concerning is that it occurred the same day as a United Airlines glitch that grounded flights across the country. In addition, The Wall Street Journal also experienced an outage. There were explanations for all three that seem reasonable. But three at once? And then two days later, TD Ameritrade has a serious outage as well?
All of this happened in a week during which the Chinese market showed evidence of a crash and the Chinese government vowed to stop malicious short selling. And, the NYSE glitch happened after Anonymous posted a mysterious tweet.
Yet, even before the problems were resolved, we were assured that there was no hacking–there was no cyber attack. Others weren't so certain. Breitbart reported a concern that the combination of glitches might be the start of a Cyber War. Others noted the long odds that a confluence of glitches might occur as they did. One cyber expert was quoted in WorldNetDaily:
"I have been in this business way too long to believe in coincidences. I hear such a thing may happen, but I have never seen one," he told WND…He explained that the "mission-critical systems" of major corporations and governments have communications, power, processing and storage redundancies built in that allow for a seamless "hot swap-over" to keep them running if one part of the system is incapacitated. "The odds of failure of three systems like this, simultaneously, are in the trillions to one," he said of the NYSE, United Airlines and the Wall Street Journal.
Then there is the fact that the software update was supposed to occur in a test environment and should not have had any negative impact when implemented:
"Asked to respond to the official explanation, the cyber intelligence analyst told WND that if true, the NYSE violated Sarbanes-Oxley Act regulations requiring that ‘mission-critical applications' be rolled out on a test network before being put on the production server."
Of course, there was an explanation for that as well. According to the official report, the test network functioned properly but in production orders slowed sharply.
There are two possibilities. One is that there was Cyber Warfare activity this week but it either wasn't recognized or was covered up. The other is that our systems simply are that vulnerable even without a hacking attack. Neither inspires confidence.
Remember the official explanations for the May 6, 2010 Flash Crash (when the Dow dropped almost 10% in a few minutes)? First, we were told it was a "fat finger." Then, it had something to do with Waddell and Reed, a Kansas City brokerage firm. Most recently, we have been told that the problem was caused by a London-based trader with $40 million. Some believe there has been a coverup. Others believe it was a cyber warfare test.
Here's the real problem. The Chinese have developed weapons that could crash our stock market. The Russians claim this capability as well. In fact, Russia hacked NASDAQ not long ago. And, the former head of the NSA and the military's Cyber Command has admitted publicly that nation states have the capability of taking down our economy via cyber and other means. Worse still, the current NSA head has admitted that China and others have the ability to take down our entire electric grid. The cost would be huge according to a new Lloyd's of London report:
Let's imagine an "improbable, but not impossible" cyberassault on the U.S. power grid. A shadowy group of skilled and malicious actors spend years implanting a piece of malware, dubbed the "Erebos" trojan, in the control systems of power plants across the Northeastern United States. It determines which of them haven't yet installed hardware to prevent a type of cyber-enabled assault that's been known to the industry for nearly a decade.
Then, on one fateful day, they activate the malware, causing up to 50 power-plant turbines to overload and burn out, blacking out the power grid between Chicago, New York City and Washington, D.C., and leaving 93 million people across 15 states without electricity. While some power is restored within 24 hours, it takes weeks for the rest — and the cost to the U.S. economy adds up to $243 billion, or in a worst-case scenario, nearly $1 trillion.
Of course, we have been warning about the Cyber-Economic war threat for years. When the "glitches" began this week, I was contacted by media and others acknowledging that the risks seemed all too real. You can see portions of my appearance on the Dana Show here:
We may never know whether or not there was hacking behind this week's unusual glitches. But, we cannot ignore the risk any longer.