What Can Go Wrong
Modernizing Authentication — What It Takes to Transform Secure Access
What Can Go Wrong
SOURCE: INTERNET RISKS FORUM DIGEST / PETER G. NEUMANN / COMPUTER SCIENCE LAB / SRI INTERNATIONAL
In 1998, AT&T suffers a massive, software-triggered collapse of its frame-relay network. For up to 26 hours in some locations, hundreds of multinational companies can't send data between offices, losing billions of dollars.
Software coding errors in Therac-25 radiation therapy machines allow massive overdoses of radiation to be administered to cancer patients between June 1985 and January 1987, causing four deaths and one injury.
A crippling, deeply embedded software glitch in the system used by CTB/McGraw-Hill to grade standardized tests in 1999 makes scores lower than they actually are, mistakenly sending nearly 9,000 students from six states packing off to summer school.
Buggy software and failed efforts in 1996 to merge IT systems after Union Pacific Railroad acquired Southern Pacific triggered a 40-day freight-train gridlock throughout the Southwest. UP's cost: $633 million. Clients' cost: about $2 billion in lost sales.
The glitch-riddled, $191 million baggage-delivery system at Denver International Airport-100 networked computers, 5,000 electric eyes, 400 radio-frequency receivers and 56 barcode scanners-shreds and loses luggage, forcing a 16-month airport opening delay.
Because a computer processor crashes a dozen times on May 17, 1999, air traffic controllers in Philadelphia temporarily lose track of planes and erase some data on each flight. Similar glitches occur again three nights later.
E*Trade, Charles Schwab and Ameritrade suffer consecutive days of computer crashes in February 1999, caused by software bugs and a deluge of trading that exceeds system capabilities. Many E*Trade and Schwab customers lose thousands of dollars in mid-trade outages.
Empire Blue Cross is forced to write off $50 million in uncollected insurance claims due to faulty software dating back 10 years, which, among other problems, cannot compute numbers greater than 100,000.
In May 2000, the ILOVEYOU virus, written by a teenager in the Philippines, clones itself worldwide and strikes 45 million computers in 20 countries, wiping out eight kinds of files at hundreds of companies, including AT&T, Microsoft, Merrill Lynch and Ford Motor Co.
The First National Bank of Chicago wrongly deposits $763.9 billion into customer checking and savings accounts in 1996 due to a glitchy software upgrade.
General Motors Corp. recalls 292,860 Buicks, Oldsmobiles and Pontiacs in 1996 because of engine fire problems potentially triggered by bugs and coding errors in the models' Powertrain Control Module.
In September 1995 a software snag in Bell Atlantic's switches sends emergency 911 calls in Richmond, Va., to a customer named Rosa Dickson. For a frantic half hour, Dickson fields the urgent calls herself and passes messages to police.
During the Gulf War, a software glitch is partly to blame for throwing off a Patriot missile's timing by one-third of a second-enough to miss an Iraqi Scud missile that on Feb. 25, 1991, killed 28 soldiers and wounded 98 in Saudi Arabia.
In 1996, MCI refunds $44 million to customers who were charged an extra minute for collect calls during the previous three years due to a software problem.
Los Angeles County pension fund contributions over 20 years fall short by $1.2 billion, due to decades-old computer "calculation errors" that went undetected for years.
In 1990, AT&T long-distance lines are knocked out for 11 hours across the United States due to a minor programming error in switching software.
A Samsonite Corp. software system upgrade causes factory forklifts to run amok and computers to shut down, freezing deliveries of back-to-school orders for three weeks and hampering operations for months. Loss: $4 million in profits and $10 million in sales.
In January 1999, authorities discover that 600,000 cubic yards of silt had been dumped in the wrong spot off the Los Angeles coast, thanks to bad data fed to the Global Positioning Satellite system used to locate the site.
Over 17 days during California's rolling blackouts in early 2001, hackers break into computers belonging to the Independent System Operator, which runs the state's electricity transmission grid.
In April 1999, the Chernobyl computer virus-timed to strike 13 years to the date after the Russian nuclear disaster-wipes out hundreds of thousands of hard drives and crashes systems around the world, causing companies to lose billions of dollars.
In May, 1999, a new air traffic control system breaks down and massively delays 362 flights at New York-JFK, Newark, Philadelphia and Washington, D.C. airports. Problems occur when new computer screens are hooked up to the FAA's mainframe.
Hershey Foods' $112 million ERP system collapses in July 1999 during the peak of the back-to-school and Halloween candy-buying season. Third-quarter profits drop by 19 percent.
A 16-year-old San Fernando Valley boy using his own personal Linux system in January 2000 hacks into Pacific Bell's Internet server and lifts 200,000 customer passwords; some 63,000 subscribers whose passwords he decrypted had to come up with new ones.
A failed software upgrade forces the New York Stock Exchange to completely shut down for nearly 90 minutes on June 8, 2001, making it impossible to calculate market indexes like the Dow and S&P 500.
The Melissa virus penetrates more than 1 million computers and causes an estimated $300 million in damage when it sweeps around the world in March 1999, paralyzing e-mail systems.
A pump-station software bug triggers a power outage that causes 5.4 million gallons of raw sewage to spill into the Willamette River in downtown Portland, Ore. in 1988.