The cyberoutages came one after another: one of the nation’s biggest airlines, its largest financial news publication and its main stock exchange.

Wednesday morning’s spate of technological foul-ups grounded United Airlines flights, sidelined the Wall Street Journal’s website and halted trading for hours on the New York Stock Exchange. Their successive timing ignited widespread speculation about hacking attacks and conspiracy theories about who might be responsible.

Government and company officials said the causes were more mundane and technical, but the shutdowns nonetheless raise concerns about the vulnerability of vital organizations that can be easily crippled by malfunctions or cyberattacks.

As the world becomes more connected, such events expose serious risks for countries, companies and individuals who depend so heavily on fragile technology – often a mash-up of neglected old-fashioned processes and cutting-edge systems. Electricity grids, credit cards, social media, email, public transportation and GPS all have become indispensable to everyday modern life.

“These are incredibly complicated systems. There are lots and lots of failure modes that are not thoroughly understood,” said Jeff Schmidt, chief executive and founder of JAS Global Advisors, a security consulting firm. “Because the systems act so quickly, you have this really increased potential for cascading failures.”

Wednesday’s shutdown of the New York Stock Exchange lasted nearly four hours.

Advertisement

Trading was abruptly halted at 11:32 a.m. in the middle of a busy trading day, stunning the market and sending frazzled traders to alternative markets where stocks listed on the NYSE were still trading.

Soon afterward, the exchange issued a statement attributing the shutdown to “technical issues” and later posted a message on its Twitter account batting down any idea that the shutdown was the result of a hack.

The cause of the problem “likely had to do with an upgrade, but that is premature, and it’s something that will come about as part of a full analysis of the situation,” Thomas Farley, the NYSE’s president, said in a Bloomberg TV interview.

An exchange spokeswoman later said the cause had been traced to a “configuration issue.”

At about the same time, computer glitches grounded United Airlines flights for part of the day and hit the Wall Street Journal’s website.

“If bad news comes in threes, we just got a double dose,” said Sam Stovall, U.S. equity strategist for S&P Capital IQ, who also ticked off Greece’s financial troubles and other market worries.

Advertisement

Major U.S. markets were down amid the hailstorm of news.

The 30-stock Dow Jones industrial average fell 261.49 points, or 1.5 percent, to 17,515.42. The broader Standard & Poor’s 500 index dropped 34.66, or 1.7 percent, to 2,046.68 and the technology-oriented Nasdaq composite tumbled 87.70, or 1.8 percent, to 4,909.76.

On most days, the Internet and the myriad systems it powers can be counted on to work well enough.

But security experts say problems are inevitable, whether due to hacking, human error, broken cables, buggy code or other unforeseen issues.

Technology will evolve and improve over time, but it will never be foolproof. What’s more important, experts say, is for organizations and individuals to better protect themselves against issues that are bound to crop up – an often neglected task.

Carl Wright, general manager of TrapX, a security-through-deception defense company, said much of the rapid deployment of new technology comes with little forethought about security.

Advertisement

“If we take a look historically at security budgets for most enterprises, most are about 10 percent of the whole IT spend of an organization. Sometimes, it’s as low as 6 percent,” he said.

“Not a lot of the money an organization spends on tech to create capability for their business goes to securing it. What we need to see is a major shift.”

One problem: The best security systems can be costly. In other cases, the technology is still struggling to catch up to plug the holes.

But organizations can play defense. Business continuity plans and relationships with regulators and law enforcement can lead to faster response times when problems arise. Building in redundancies – using two Internet service providers, for instance – can serve as a backstop when one system crashes.

Training programs get employees up to speed on how to better handle failures. At the higher levels, nimble management teams can quickly identify an issue and respond to it – difficult in large corporations and heavily regulated businesses.

One strategy growing in popularity is for businesses to invite hackers to look for security vulnerabilities and reward them with so-called bug bounties.

Wednesday morning’s series of outages was an unusual occurrence, immediately prompting questions about a cyberattack.

Homeland Security Secretary Jeh Johnson said in a statement that “the malfunctions at United and the NYSE were not the result of any nefarious actor.”

Both organizations cited technical issues for their downtime, which totaled 31/2 hours for the NYSE and about 11/2 hours for United.


Only subscribers are eligible to post comments. Please subscribe or login first for digital access. Here’s why.

Use the form below to reset your password. When you've submitted your account email, we will send an email with a reset code.