Castles made of sand


THURSDAY here in water-logged Manila was apparently an exciting day for the conspiracy theorists of the world.

On the same day, the New York Stock Exchange suffered an as-yet undetermined computer system failure, shutting down the world’s most important trading market for about four hours; United Airlines also suffered a massive system breakdown, which grounded all its flights (as well as many of those of its partner airlines) for most of the day; and half a world away, stock markets in China were experiencing what might be courteously described as an unmitigated disaster, with massive, uncontrollable losses only checked by swift and unprecedented government intervention.

Naturally, many people had trouble believing all this was a coincidence, and speculation among that vast part of the world’s online population who never heard of Occam’s Razor was rampant.

One popular theory was that the CIA caused China’s stock markets to crash in retaliation for Chinese hacking of US government personnel databases last month, which provoked the Chinese into hacking the NYSE and United Airlines.

This wildly improbable scenario was given a bit of credence by Mother Jones magazine, which reported that at the height of the system breakdowns in the US, an otherwise unknown “US based cybersecurity firm” had “tracked” the “attacks” to China.

Adding more fuel to the fire was a cryptic message purportedly shared by the nebulous Anonymous group on Twitter and picked up by a few news outlets such as MSNBC, which hinted that the group might have had a hand in the stock market’s woes.

As far as anyone can tell, the unfolding drama in the Chinese financial markets really did not have any connection with the troubles in the US on Wednesday. What may be behind those troubles, however, is disturbing and should serve as a warning for us here in the Philippines.

Writing for Medium, former programmer and current professor Zeynip Tufekci explained that the likely real reason for the system breakdowns is far more frightening than a large-scale, coordinated “cyberattack.” Many large, critical systems – such as airline reservation systems – that have been operational for long periods of time are built up from software in layers; rather than rewrite existing software to accommodate new features and demands on the system, the system is upgraded incrementally by inserting a code to make the old programming work with the new. Tufekci likened it to expanding a house by adding new floors, but without knowing which are the weight-bearing walls:

“You make your best guess, go up a floor and … cross your fingers. And then you do it again. That is how a lot of our older software systems that control crucial parts of infrastructure are run,” she explained.

We here in the Philippines certainly have no claim to superiority over the Western world when it comes to the health of our critical systems. Not when light rail systems are too frequently brought to a halt by problems in communications and control systems, when major banks’ “system enhancements” go awry and shut down their ATM and point-of-sale networks, and government agencies are embarrassingly vulnerable to hacking.

Solving the existing problems and preventing large-scale chaos requires investment in time and money that companies and especially governments are not anxious to make. But it is a classic “pay now, or pay later” situation: Patching systems together with quick fixes will only work for so long before the poorly built structure collapses. Having witnessed the object lesson this week, we certainly hope our government and leading businesses take it to heart.


Please follow our commenting guidelines.

1 Comment

  1. Vic Penetrante on

    If we are living in that age “where no man might buy or sell, save he who had the ‘beast’ mark, Revelation 13:18 tells us to “calculate the number of the beast, for the number is that of a man,and his number is 666.”