So this morning as I was rushing to get my boys to the bus stop, I heard some rumbling on the TV that all airline travel was suspended until 8 AM central time. I was curious, but also in a rush to get out the door. I wondered if anybody on my LinkedIn network had any insights as to what was happening. I posted a poll asking my mostly cybersecurity minded peers if it was a cyber attack or not. As of right now, 61% of us thought it was malicious. The president has stated that this was not the case, which is great news to hear.
So this leads me to my next set of questions. How could this have happened and what could we do to prevent it. Reading into it (unverified information from what I took the time to gather), it seems it was a bad software update to an antiquated system and they were able to roll back the changes to a previously known good state. Awesome and great news.
But I’m thinking, what was the impact of delaying or cancelling all those flights to an already struggling airline industry? A few million dollars? Billions? This doesn’t just impact business people trying to catch their next flight. This also affects shipping (USPS, FedEx, UPS, etc.). I also bet there was a domino effect, as some of those pilots fly to their airport to pilot their flights.
What could have been done better? I’m armchair quarterbacking here. I don’t know the aviation system that was down. I do know there should have been a formal process for a system as important as this one. A change management process to be specific. Somebody needs to suggest a change, it needs a formal approval, it needs to be tested on test systems, a maintenance window needs to be planned, backup processes need to be in place, execution needs to take place, and a lessons learned needs to be done.
I get it’s probably an antiquated system and there is a bunch of government bureaucracy that makes these types of systems stay in the stone age. I hope we can learn something from this and prevent something like this from happening in the future.