Traders sit and wait during a New York Stock Exchange shutdown. It wasn’t caused by hacking, but people worried it was. (Spencer Platt/Getty Images)
James Lewis write about the Internet and security at the Center for Strategic and International Studies.

When the New York Stock Exchange abruptly shut down trading Wednesday morning, there wasn’t much question what most people were worried about. “Let’s hope it’s not a hack,” one money manager told USA Today. “Do they think we’re idiots?” asked a tech blog, scornfully reporting that officials said the problem was just a glitch. Social media filled with angst.

These reactions are understandable: For 20 years, we’ve been talking about a cyber Pearl Harbor, a big event with drama, sound and fury. Instead, we have endless and largely silent espionage and the occasional surreptitious bank robbery. So when something big happens and there is a computer connected anywhere near it, alarms go off. It’s almost wishful thinking.

Why all the fuss? It’s hard not to invoke Chicken Little, apparently one of the patron deities of cybersecurity. The ability of the Internet community to announce that the sky is falling and then generate astounding quantifies of misinformation, abetted by a penchant for conspiracy theory, means that the first reaction to any big system failure is to suspect hacking.

The 2003 Northeast blackout was first blamed on hacking, the 2010 “flash crash” was first blamed on hacking, and Wednesday’s shutdown — as well as an unrelated computer problem that grounded all United Airlines flights — was first blamed on hacking. But that betrays a misunderstanding in popular culture, abetted by the media, about what hackers do and don’t do.

Accept the banality, the routineness of hacking: It’s a job, not an anomaly or Black Swan event. Hacking is predictable, and hackers follow set patterns and routines. Techniques change, but motives remains the same. Evil mad-genius hackers who want to wreak mass havoc on society because they are in a bad mood don’t exist in real life. Hackers, especially those who focus on financial crime, are professionals, and they want money, not crashes. Yes, intelligence agencies hack all the time, but they don’t want front-page attention for it, and their motives in peacetime are not cyber-disruption on a mass scale. Russian oligarchs and Chinese officials stash their wealth on Wall Street — they are not going to crash it and put their piggy banks at risk.

On Wednesday, nothing pointed to a hack other than the fact many computers failed. But anyone who uses a computer knows that it doesn’t take malicious intent to make that happen. Part of the panic appeared to have come about because the day before, the group Anonymous had tweeted that it hoped Wednesday would be bad for Wall Street. Anonymous’s chief skill is in writing press releases. They are not the hacker elite, most of whom work for big intelligence agencies or are Russian criminals — and Russian cyber-criminals are better at hacking than the spy agencies of most countries. Anonymous was quick to deny culpability, anyway, blaming (maybe predictably) Russian hackers using a so-called “zero day exploit” stolen from The Hacking Team, whose files were recently posted online. Russian cyber-criminals would love to hack the NYSE and have almost certainly tried. But they want to manipulate the market, not crash it. If they succeed, they’ll be fleecing traders, not keeping them from buying and selling stocks.

Hackers today have taken the same place that an older bogeyman did for another technological era. In the 1950s, there were regular sightings of UFOs, leading to panic and fear. There were no UFOs, of course, but there was a diffuse concern over nuclear war and the potential for fleets of Russian bombers to appear suddenly in the sky. These days, with everyone always connected to the Internet and more and more features of our daily lives reliant on networked computers, we feel vulnerable in ways we don’t fully understand. We always exaggerate our fears. Until the larger anxiety is addressed, the first question will still be, “was it a hack?”