Day of ‘technical’ glitches puts lawmakers on edge

Lawmakers are having a hard time swallowing the idea that a major stock exchange, a global airline and a prominent media outlet coincidentally suffered major outages on the same day.

The New York Stock Exchange halted trading for roughly four hours Wednesday, and United Airlines had to ground all of its flights in the morning, both citing technical problems as the culprit. And shortly after the stock exchange went down, the homepage for The Wall Street Journal crashed.

{mosads}The Obama administration said there were no signs the outages were caused by nefarious outside actors, but lawmakers were having a tough time buying it could all be a coincidence and are vowing to look into the matter.

“I’d like to know some more information,” said Sen. Charles Schumer (D-N.Y.). “To have three outages in three important places on the same day raises a lot of questions. I haven’t gotten answers yet.”

Dissections of what exactly happened in each case were in the preliminary stages Wednesday, but members of Congress were quick to question if foul play was involved, despite assurances the problems were technical, not malicious.

“I think it has the appearances of a cyberattack,” said Sen. Bill Nelson (D-Fla.), the ranking member of the Senate Commerce Committee, which has authority over many Internet issues.

Asked if he was not confident in the exchange’s own assurances that the suspension wasn’t the result of a cyberattack, Nelson responded, “to be determined.”

“I wondered if this has to do with our computer systems,” said Senate Banking Committee Chairman Richard Shelby (R-Ala.). “It’s always a concern, but is it a temporary glitch … is it lack of cybersecurity? We don’t know. Let’s see what it is.”

President Obama was briefed on both the NYSE and United outages and was told by top counterterrorism adviser Lisa Monaco that “at this point there is no indication malicious actors are involved in these technological issues.”

Homeland Security Secretary Jeh Johnson agreed that the issues did not seem to be caused by deliberate malfeasance.

“It appears from what we know at this stage that the
malfunctions at United and the stock exchange were not the result of any nefarious actor,” he said at an event hosted by the Center for Strategic and International Studies.

But FBI Director James Comey acknowledged the timing of the outages could certainly lead to questions and vowed to examine the matter.

“We are not big believers in coincidence either,” he told the Senate Intelligence Committee Wednesday. “We want to dig into that. So we’ve been in contact with all three companies to understand what’s going on.

“In my business you don’t love coincidences, but [it] does appear there is not a cyber intrusion involved,” he added.

No members were calling for hearings on the matter as of Wednesday evening, when details were still being sorted out. But the headlines driven by the day’s problems could add momentum to legislative efforts to boost the nation’s cybersecurity infrastructure.

“It’s a very complicated world now, which technology drives, and with that comes some inherent risk, and we’ve got to make sure we do everything we can to mitigate the risk,” said Sen. John Thune (R-S.D.), chairman of the Senate Commerce Committee.

As the outages mounted, impacted parties were quick to explain their issues as isolated internal problems.

NYSE President Thomas Farley explicitly said the exchange’s issues were an internal problem unrelated to the other outages but said it was “premature” to detail exactly what happened.

“Around mid-morning, we started to see some concerns about the way trading was occurring,” he told CNBC. “I made the decision … to suspend trading here at the NYSE because we wanted to make sure that NYSE stocks wouldn’t be negatively impacted.”

Overall market trading continued on other exchanges that remained in operation.

United said it was impacted by network connectivity issues tied to a faulty router, as the airline grounded all its flights nationwide for roughly two hours Wednesday morning.

And The Wall Street Journal’s main homepage failed to load for a brief period shortly after the NYSE outage occurred, returning online with a message saying it was dealing with technical issues. Comey noted that the site was probably receiving heavy traffic at the time of its troubles.

While officials have denied there’s any evidence hackers were behind the stock exchange outage, security specialists say it is too soon to say.

“It would be hard for them to judge that so quickly,” said Jeff Williams, chief technology officer at Contrast Security, which tests for vulnerabilities in financial sector networks.

Tom Kellermann, chief cybersecurity officer at security research firm Trend Micro, pointed to chatter on the dark Web claiming the incident might be a response to the conviction yesterday of a prominent member of the hacking group Lizard Squad.

He also cited a strangely prescient Tuesday night tweet from the hacktivist collective Anonymous: “Wonder if tomorrow is going to be bad for Wall Street …. we can only hope.”

Cyberattack or not, Williams and Kellermann say the incident highlights chronic issues with the software supporting the financial sector.

“The safety and soundness of the financial sector around the world is being undermined slowly and significantly by the capacity of hackers to hack these incredibly technologically dependent systems,” Kellermann said.

While the financial sector is commonly viewed as far ahead of many other industries on cybersecurity, several experts said banking and stock exchange networks are still riddled with flaws.

“Imagine you had a whole city that was built with lead pipes and asbestos and sewage lines that are leaking,” Williams said. “It’s that level of infrastructure problem.”

Cory Bennett and Mario Trujillo contributed to this story.