NYSE Shutdown Increases Visibility of Cyber Threats

The perpetual danger of cyber attacks was brought to the forefront on Wednesday morning as technical difficulties experienced by United Airlines, The Wall Street Journal and the New York Stock Exchange (NYSE) led market watchers to suspect a coordinated cyber security breach.
United Airlines was the first to experience technical issues, and requested a ground stop order for all US airports at 8:26 a.m. EST. Citing “automation issues” as the problem, the company was able to resolve the issue in a little over an hour, with the Federal Aviation Administration lifting the ground stop order at 8:47 a.m. EST.
That incident was on people’s minds when news of the NYSE shutdown broke at 11:32 a.m. EST. Almost simultaneously, The Wall Street Journal’s website went down, presenting an error page at 11:45 a.m. EST; CNN reported that the page was quickly replaced by a temporary homepage reading “WST.com is having technical difficulties. The full site will return shortly.” The Wall Street Journal was back up and fully running soon afterwards, in time to report on the NYSE’s own “technical difficulties.”
Combined, these issues led many to question whether a cyber attack might have been the catalyst. Cendrick Leighton, CEO of Cedric Leighton Associates, a strategic risk management consultancy based in Washington, DC, believes that this series of technical difficulties was “too coincidental.” He told FOX Business, “you have United, NYSE, and Wall Street Journal so my suspicion is something is going on here. My suspicion is this was a test run by a cyber-hacker or potentially from a nation state.”
The NYSE immediately took to Twitter to dispel this concern, stating, “the issue we are experiencing is an internal technical issue and is not the result of a cyber breach. We chose to suspend trading on the NYSE to avoid problems arising from our technical issue.” Reuters reported that US Homeland Security Secretary Jeh Johnson has corroborated this statement. During a speech at the Center for Strategic and International Studies, Johnson said, “it appears from what we know at this stage that the malfunctions at United and the stock exchange were not the result of any nefarious actor.”
However, the fact that this specific incident hasn’t been attributed to a “nefarious actor” doesn’t mean that cyber security isn’t a valid concern. During the same speech, Johnson called for a new national data breach reporting system and enhanced criminal penalties for hacking. Long known to be an area of security that companies disregard until the damage has been done (think back to the highly publicized data breaches of 2014), Wednesday’s technical difficulties draw attention to the vulnerabilities that complex computer systems face.
Although the NYSE successfully resumed trading at 3:10 p.m. EST, leaving less than an hour of trading left before close, investors appear to realize that future problems may not be so easily resolvable. Bloomberg states that Cyberark Software (NASDAQ:CYBR), Imperva (NYSE:IMPV), AVG Technologies (NYSE:AVG), Palo Alto Networks (NYSE:PANW) and the ISE Cyber Security index (NYSEARCA:HACK) all saw share price spikes Wednesday around noon as investors responded to the news of the NYSE shutdown.
 
Securities Disclosure: I, Morag McGreevey, hold no direct investment interest in any company mentioned in this article. 
Related reading:
NYSE Halts All Trading on Technical Difficulties