Life's a glitch

A computer bug at NatWest has left thousands without cash – and such problems are becoming more common. By Jerome Taylor

Click to follow
The Independent Online

In the Hollywood action thriller Die Hard 4 there is a moment when Bruce Willis's ageing New York detective, John McClane, discovers just how much havoc can be wrought through a computer keyboard. Hackers have infiltrated America's IT systems and brought the country to its knees. It is left to a younger colleague to explain what has happened. "They call it a fire sale," he says. "Because everything must go."

In many ways the film is Hollywood at its most paranoid. But it taps into our legitimate concerns that the world's overwhelming reliance on computers leaves us acutely vulnerable when they go wrong or are attacked. Computers make the world go round but, like any piece of machinery, sometimes they break down.

The recent collapse of IT systems at the Royal Bank of Scotland, NatWest and Ulster Bank offers us a vivid illustration of how vulnerable we become when computers say no. For the past seven days thousands of people have had trouble with their bank accounts after a reported software update at parent company RBS went wrong and caused the banks' IT systems to break down. For many angry customers pay day has yet to come.

Yesterday, RBS group chief executive Stephen Hester promised customers that the banks had "turned a corner" in dealing with the defective systems and said senior executives would face "proper accountability" for the fiasco. An email sent to account holders added that the banks would waive overdraft fees for those caught up in the payments backlog. But even with extended opening hours and fee waivers, they still have a long way to go to renew consumer confidence.

Sadly RBS is not the only banking group to have been hit by computer glitches. In the past two years, HSBC, JP Morgan and TD Bank have faced angry consumer backlashes after their IT systems suffered glitches. Earlier this month, just half an hour of computer troubles on the American stock exchange racked up a $40m bill for Nasdaq, which had to reimburse investors who tried to buy Facebook shares but couldn't.

"Taken on an individual basis these glitches seem like small fry," said one IT expert within the banking sector, who asked not to be named. "When you add them up, though, you have to start asking yourself whether we're really doing enough to make sure we are prepared for the worst case scenarios."

But banking is only one sector among thousands that need computers to work properly.

"There's barely an industry or system that doesn't rely on computer technology to run some of its core functions," says Rik Ferguson, a cyber-security analyst at Trend Micro. "The telecoms industry is a real concern because it has to be connected to the web. But there are real vulnerabilities in healthcare and the world of finance."

Cyber security is often portrayed as protecting an organisation from outside attack. But while companies spend millions building walls to keep people out, they often fail to make sure the houses inside are built properly.

"People spend so much time, effort and energy trying to beef up their security for external threats rather than worrying about internal weaknesses," says Jay Sappidi, senior director at CAST Research Labs, which specialises in testing the quality of software coding, the building blocks of IT programmes. "It's like building a house. You create a building and everything appears to be working fine. But what you haven't done is test whether it can withstand a rainstorm or an earthquake."

RBS's current software woes do not appear to have been caused by an external threat. Official company statements have so far blamed unspecified "technical glitches". But insiders say the problems began when a software update went wrong causing a malfunction in the payments system, which then created a crippling backlog.

Critics have accused the bank of compromising its computer systems by outsourcing key work to India. RBS has insisted that the software glitch was a UK problem but does little to defend itself from the accusation its coding was not up to scratch.

Cables are also vulnerable. Earlier this year nine countries across east Africa and the Middle East experienced a dramatic slowdown in internet speeds and disruption to phone calls.

You could be forgiven for thinking that something enormous had occurred. Instead the cause of the problem was a ship, moored outside the Kenyan port of Mombasa, which had dropped its anchor on to the only fibre optic cable delivering the internet to East Africa. Let's hope the same thing doesn't happen in the English Channel.

PERSONAL BANKING

Bosses at NatWest and RBS insist they are over the worst of the technical issues but people are still complaining. NatWest has waived overdraft fees and told customers they can withdraw £100 more than their limit.

FIBRE OPTICS

Millions of internet users in nine countries across East Africa and the Middle East saw dramatic slow downs in internet speed earlier this year when a ship's anchor damaged the only cable bringing internet to the area.

FINANCIAL MARKETS

A software glitch earlier this month cost Nasdaq more than $40m during the flotation of Facebook. The US tech stock exchange had to compensate investors who were unable to buy shares when the market opened.

AIR TRAVEL LA International airport virtually shut down in 2007 when crucial internet cables burnt out. Thousands of passengers were stranded for 24 hours before the problem was finally resolved.

CYBER WARFARE When Russia went to war with Georgia over the breakaway republic of South Ossetia in 2008 we saw the closest thing yet to a fire sale. Cyber attacks were launched against communications, media and transportation.

CLOUD COMPUTING Amazon suffered a highly embarrassing bug last spring when part of its cloud service went down. Client websites such as Quora and Reddit were temporarily forced offline because they relied on Amazon's servers.

In the past week, customers and staff of NatWest have been locked in a tense stand-off, both parties blameless, but rendered impotent by systems beyond their control.

This particular fault is so enigmatic and mysterious that it's only been referred to as a "technical glitch". The money seems to be on an inadequately tested software upgrade that's backfired horribly – with profound consequences.

Banking, more than many industries, has been transformed by computer networking; once a relatively low-tech, personal industry, it nowdepends entirely on the free flowing of digital information. We take the movement of such data streams for granted, but rarely consider the consequences of them stopping. Yes, we may read articles where intrepid journalists try to "live without the internet" for a week, but that represents little more than a lifestyle change. If computers stop talking to each other altogether, society falters.

We're living amid an Internet Of Things, where the number of devices hooked up to the internet is greater than the number of people using it. But while the internet as a whole is pretty resilient to attack, individual systems are less so, and we're going to become increasingly at the mercy of lines of code that we don't understand.

Comments