Cyber attacks or rubbish systems: which are more alarming?

Catastrophic failure of complex systems is something we should be more worried about

An ‘internal technical issue’ knocked the New York Stock Exchange, the cathedral of US capitalism, out of action for hours on Wednesday. Photograph:  Spencer Platt/Getty Images
An ‘internal technical issue’ knocked the New York Stock Exchange, the cathedral of US capitalism, out of action for hours on Wednesday. Photograph: Spencer Platt/Getty Images

This was not a great week for the modern computerised stock market. The New York Stock Exchange, essentially the cathedral of US capitalism, was knocked out of action for a few hours on Wednesday, causing quite a bit of chaos.

Meanwhile, China’s market went into full-on bear mode, with huge sell-offs from panicked investors causing a number of so-called safety measures to kick in, suspending activity on about 45 per cent of the market’s shares.

And these weren't the only large computerised systems struggling to keep it together – also on Wednesday, United Airlines had to ground its entire fleet due to a software issue, while the Wall Street Journal's website went down for a few hours, just a few months after Bloomberg's business terminals went offline for a number of hours in April.

Inevitably this confluence of events led to a proliferation of conspiracy theories about a huge global cyberattack targeting commerce and transport.

READ SOME MORE

In reality, the causes of this week’s problems were probably a lot more mundane.

China’s market suspension was evidence of its systems working as they were designed – a communist government is only going to give so much power to Adam Smith’s “invisible hand”, after all, and so designed a brake system to suspend trading in a stock when shares rise or fall more than 10 per cent in a day. The market was in panic-mode this week so a lot of stocks had to be suspended.

Technical issue

In New York, the NYSE said the problem was not a cyber breach but an “internal technical issue”, which is suitably opaque. (And let’s acknowledge that the NYSE might well be inclined not to advertise the fact it had been the victim of a hack or cyberattack).

The threat of cyberattacks is not the exclusive domain of Hollywood thrillers: this week's conspiracy theories came against the background of a huge breach of the US Office of Personnel Management earlier this year, targeting the data of 22 million people, with the finger being pointed at China.

Cyberattacks may be real, but as business writer Felix Salmon put it, "We live in a world of increasingly complex systems, and one rule of complex systems is that when they fail, they tend to fail visibly and quite catastrophically."

There was no pattern to this week’s events, Salmon says, just an “illusory correlation”.

That is a rather comforting message but perhaps the catastrophic failure of complex systems is something we should be more concerned about, at least as much as cyberattacks.

As technology researcher Zeynep Tufekci wrote at Medium.com, "The big problem we face isn't co-ordinated cyber-terrorism, it's that software sucks . . . Essentially there is a lot of the equivalent of 'duct-tape' in the code, holding things together . . . I'm actually more scared at this state of events than I would've been at a one-off hacking event that took down the NYSE."

This week’s software meltdowns, then, were a sobering reminder that machines are only as reliable as the humans who make and code them.