Halt!

Due to a computer glitch and are supposedly unrelated, United Airlines flights were grounded this morning and at the same time the New York Stock Exchange halted all trading.

Is foul play suspected? At this time, the answer is no, but when we talk of Information Security, we always go back to the golden trio of Confidentiality, Availability, and Integrity.

Just like  Post-Doctorate medical doctor getting his degree, it’s a workforce multiplier, because that leads to a new doctors office (buy, rent), a person to answer the phones and do billing, nurses, labs for lab work. The exact opposite is true when availability is compromised to critical systems such as travel and trading. I’m sure with the losses in travel, they will pass the expenses onto the consumer while the Stock Exchange showed higher losses than usual when ‘betting’ on a system they are more cautious and apprehensive on using. The U.S. stocks closed with sizable losses with the Dow Jones industrial average losing 261 points, Standard & Poor’s 500 gave up 34 points and the Nasdaq was down 87 points.

The United Airlines downing of the aircraft was due to a router and automation issues, from the news stories I’ve read. What this means to me, and I could be wrong, is that they might have been performing Infrastructure as a Service (IaaS) and dynamically created or removed a critical route OR someone did something they shouldn’t have without following proper change control procedure.

The FBI and Department of Homeland security immediately rose to action to investigate the outage at the New York Stock Exchange but didn’t find any attack footprints but also did not say what caused the outage. That means to me that it was either a really good attack, something like a program errored out wrong, something like a system went on the fritz or someone really messed up.