eSentire White Logo

Blog | Jul 10, 2015

Calling wolf: distinguishing technological glitches from legitimate cyberattacks

The reported outages this week at the New York Stock Exchange (NYSE), the Wall Street Journal and United Airlines again bring to the light the central role technology plays in our interconnected world. Our dependency on the ability to seamlessly trade stock online or book an airline ticket has become the same as the expectation associated from any modern day convenience, like instant hydro or clean water.

The outages experienced by NYSE, the Wall Street Journal and United Airlines were coincidental technical glitches. Given the rash of big-brand cyberattacks experienced in recent months, many were quick to assume that these glitches were associated with a cyberattack. At eSentire, we’ve been repeatedly asked if these cases could be the result of a subtle cyber breach.

An important consideration here is the distinct difference between a ‘glitch’ and a cyberattack.

Glitches or technical outages refer to a system failure resulting in the downtime of its core service or primary function. This can result from equipment failures, improperly executed maintenance or weaknesses in software code. Cyberattacks on the other hand, refer to offensive activities with simple objectives in mind: they are designed to steal, alter or destroy data.

Our nation's response to this week’s outages showed a crack in our collective psyche. It’s like we have cultural Post Traumatic Stress Disorder (PTSD), so raw that even a benign technical outage can trigger fear that cyber criminals have struck again. Our heightened awareness of cybercrime and data breaches, combined with our dependency on technological interconnectedness, has led to a new cyber-psychological condition.

Cybersecurity must be an ever-present consideration. In this, or any other case that may indicate a cyberattack, it’s critical that a company has a documented cybersecurity program that includes an Incident Response (IR) plan. This IR Plan is the playbook used to determine the extent of a breach (if a breach did in fact occur), and lays out the procedures to seal the breach, quantify what data has been stolen, and how to report the breach to investors, clients and law enforcement agencies.

This week we all jumped at the mere thought of a cyberattack and responded by asking the difficult questions. In return, we received calming responses. I for one applaud this reaction. It’s important to show a healthy dose of skepticism. Collectively we need to face the threat head on, rather than turn our backs and secretly feel grateful that we weren’t the victim.

Mark Sangster

Mark Sangster

Vice President and Industry Security Strategist

Mark is a cybersecurity evangelist who has spent significant time researching and speaking to peripheral factors influencing the way that legal firms integrate cybersecurity into their day-to-day operations.