Life's a glitch, then you cry

By Jerome Taylor

An IT glitch left millions of bank users in the UK unable to access their accounts. Photo /  Bradley Ambrose
An IT glitch left millions of bank users in the UK unable to access their accounts. Photo / Bradley Ambrose

In the Hollywood action thriller Die Hard 4 there is a moment when Bruce Willis's ageing New York detective, John McClane, discovers just how much havoc can be wrought through a computer keyboard.

Hackers have infiltrated America's IT systems and brought the country to its knees, taking down the transport grid, crippling its banking sector and knocking out key utilities such as water and electricity. It is left up to a more informed younger colleague to explain what has happened. "They call it a fire sale," he says. "Because everything must go."

In many ways the film is Hollywood at its most paranoid. But it taps into our legitimate concerns that the world's overwhelming reliance on computers leaves us acutely vulnerable when they go wrong or are attacked. Computers make the world go round and grease the cogs of industry. But like any piece of machinery, sometimes they break down.

The recent collapse of IT systems at the Royal Bank of Scotland, NatWest and Ulster Bank offer us a vivid illustration of how vulnerable we become when computers say no.

For the past seven days thousands of people up and down the country have had trouble with their bank accounts after a reported software update at parent company RBS went wrong and caused the banks' IT systems to break down. For many angry customers, bills have gone unpaid, holidays have had to be abandoned and pay day has yet to come.

Yesterday, RBS group chief executive Stephen Hester promised customers that the banks had "turned a corner" in dealing with the defective systems and said senior executives would face "proper accountability" for the fiasco. An email sent to account holders added that the banks would waive overdraft fees for those caught up in the payments backlog. But even with extended opening hours and fee waivers, they still have a long way to go to renew consumer confidence.

Sadly RBS is not the only banking group within the global financial sector to have been hit by computer glitches. In the past two years, HSBC, JP Morgan and TD Bank have had to navigate their way through angry consumer backlashes after their IT systems suffered glitches. Earlier this month, just half an hour of computer troubles on the American stock exchange racked up a $40m bill for Nasdaq, which had to reimburse investors who tried to by Facebook shares but couldn't.

"Taken on an individual basis these glitches seem like small fry," said one IT expert within the banking sector, who asked not to be named. "When you add them up, though, you have to start asking yourself whether we're really doing enough to make sure we are prepared for the worst case scenarios."

But banking is only one sector among thousands that need computers to work properly.

"Ultimately, when you look around there's barely an industry or system that doesn't rely on computer technology to run some of its core functions," says Rik Ferguson, a cyber-security analyst at Trend Micro. "The telecoms industry is a real concern because by its very nature it has to be connected to the web. But there are also real vulnerabilities in healthcare and the world of finance."

Cyber security is often portrayed as protecting an organisation from outside attack. The threat of hackers and those who want to break in to steal data, money or just create carnage is real. But while companies spend millions building walls to keep people out, they often fail to make sure the houses inside are constructed properly.

"People spend so much time, effort and energy trying to beef up their security for external threats rather than worrying about internal weaknesses," says Jay Sappidi, senior director at CAST Research Labs, which specialises in testing the quality of software coding, the building blocks of IT programmes. "It's like building a house. You create a building which has a bedroom, a kitchen and a bathroom. Everything appears to be working fine. But what you haven't done is tested whether it can withstand a heavy rainstorm or an earthquake."

RBS's current software woes do not appear to have been caused by an external threat. Official company statements have so far blamed unspecified "technical glitches". But insiders say the problems began when a software update went wrong causing a malfunction in the payments system which then created a crippling backlog.

Critics - including the Unite union and IT experts - have accused the bank of compromising its computer systems by outsourcing key work to India. RBS has insisted the software glitch was a UK problem, which rules out outsourcing but does little to defend the company from the accusation that its coding was not up to scratch.

While companies fear external attacks, more often than not it is poor coding and software glitches that create havoc. Late last year, millions of BlackBerry users around the world had limited or no access to their emails. Much of the press speculation surrounding the cyber systems of the Canadian mobile phone manufacturer had concentrated on whether their emails could ever be cracked by authoritarian regimes or hackers. In the end, what compromised BlackBerry's ability to deliver to its customers was a comparatively simple server swap that went wrong.

Crtical utilities - such as power stations, electricity grids and water providers - are largely kept off the internet for security reasons. But the recent cyber attacks on Iran's nuclear facilities have shown that there are still ways to infiltrate closed networks.

But even if companies have secure IT systems, they still have to plan for breakdowns outside their control such as the internet going down. Cyber space is often thought of as an entirely ephemeral thing. But while data is pinged around the world wirelessly the internet itself still relies on physical structures such as servers and cables. And like any physical structure, it can be damaged.

Cables are particularly vulnerable. Earlier this year, nine countries across East Africa and the Middle East experienced a dramatic slowdown in internet speeds and disruption to phone calls.

You could be forgiven for thinking something enormous had occurred. In fact, the cause of the problem was a single ship, moored outside the Kenyan port of Mombasa, which had dropped its anchor on to the only fibre optic cable delivering the internet to East Africa. Let's hope the same thing doesn't happen in the English Channel.

THE INDEPENDENT

© Copyright 2014, APN New Zealand Limited

Assembled by: (static) on red akl_n4 at 22 Sep 2014 03:33:47 Processing Time: 543ms