| Recurring |
one_organization, multiple_organization |
(a) The software failure incident having happened again at one_organization:
- Eric Erickson's company experienced a software failure incident in 2009 that paralyzed his business, and then the same incident occurred again in March. However, the second time, his enhanced security measures helped prevent his website from being blacklisted [23214].
(b) The software failure incident having happened again at multiple_organization:
- Lynda Zugec's HR consultancy site was flagged and quarantined by Google due to a software failure incident involving hackers obtaining her hosting password and inserting malware into her website. This incident is another example of a website being affected by malware and being blacklisted by Google [23214]. |
| Phase (Design/Operation) |
design, operation |
(a) The article mentions instances where websites were hacked, leading to malware and phishing scams being inserted into the sites. For example, Lynda Zugec's HR consultancy site was flagged and quarantined by Google after hackers obtained her hosting password and inserted malware into her website [23214]. This indicates a failure due to contributing factors introduced during the system development or updates, allowing vulnerabilities to be exploited by hackers.
(b) The article also discusses cases where websites were blacklisted by Google due to being hacked, leading to a significant drop in traffic and sales. For instance, Margo Schlossberg's online handbag business was hacked, resulting in her site being blacklisted by Google, causing a 50% drop in traffic and minimal sales [23214]. This showcases a failure due to contributing factors introduced by the operation or misuse of the system, as the hacking incident impacted the website's performance and reputation during its operation. |
| Boundary (Internal/External) |
within_system, outside_system |
(a) within_system:
- The software failure incident in the articles is primarily due to websites being hacked and infected with malware, leading to Google blacklisting them [23214].
- The incidents of websites being hacked and infected with malware are internal to the system, as they involve vulnerabilities within the websites themselves that allow hackers to gain unauthorized access and insert malicious code.
- The process to clean up infected sites involves steps like identifying the malware, removing it, changing passwords, and relaunching the website [23214].
(b) outside_system:
- The software failure incident is also influenced by external factors such as cybercriminals launching attacks on websites from outside the system [23214].
- Google's role in scanning websites for malware and phishing scams from the external environment contributes to the software failure incidents when websites are flagged and quarantined due to security threats detected externally [23214].
- The impact of being blacklisted by Google affects businesses externally by damaging their reputation and sales, showing how external factors can have significant consequences on the system [23214]. |
| Nature (Human/Non-human) |
non-human_actions, human_actions |
(a) The software failure incident occurring due to non-human actions:
- The article discusses how websites can get hacked, leading to malware and phishing scams being flagged by Google, resulting in the site being blacklisted and taken offline until the issue is resolved [23214].
- It mentions instances where websites were attacked by hackers, leading to pages being compromised and malware being inserted into the websites, causing them to be flagged and quarantined by Google [23214].
(b) The software failure incident occurring due to human actions:
- The article highlights cases where websites were hacked due to human actions such as hackers obtaining hosting passwords and inserting malware into websites [23214].
- It also mentions how businesses need to invest in security measures to prevent such incidents, indicating that human actions in neglecting security can lead to software failures [23214]. |
| Dimension (Hardware/Software) |
software |
(a) The articles do not provide specific information about a software failure incident occurring due to contributing factors originating in hardware. Hence, the information related to a hardware failure incident is unknown.
(b) The software failure incidents reported in the articles are primarily related to websites being hacked, infected with malware, and subsequently blacklisted by Google due to security vulnerabilities in the software. These incidents highlight the impact of software vulnerabilities on businesses, such as decreased website traffic, minimal sales, reputation damage, and financial costs incurred to clean up the infected sites ([23214]). |
| Objective (Malicious/Non-malicious) |
malicious |
(a) The objective of the software failure incident was malicious, as it was caused by hackers who attacked websites, inserted malware, and obtained hosting passwords with the intent to harm the systems [23214]. The incidents described in the articles involved cybercriminals targeting small businesses' websites, leading to blacklisting by Google, loss of reputation, decreased sales, and financial costs for the affected businesses. The hackers' actions were deliberate and aimed at causing harm to the websites and their owners. |
| Intent (Poor/Accidental Decisions) |
poor_decisions |
(a) The software failure incidents mentioned in the articles are primarily related to poor decisions made by businesses or individuals regarding cybersecurity measures. For example, Margo Schlossberg's online handbag business was hacked, leading to a significant drop in traffic and sales because the website was blacklisted by Google due to being infected [23214]. Similarly, Lynda Zugec's HR consultancy site was flagged and quarantined by Google after hackers obtained her hosting password and inserted malware into her website, causing her to be offline for nearly two weeks [23214].
These incidents highlight the consequences of inadequate cybersecurity measures and poor decisions made in terms of website security, leading to significant financial and reputational impacts on businesses. |
| Capability (Incompetence/Accidental) |
development_incompetence |
(a) The article discusses incidents where websites were hacked, leading to them being blacklisted by Google due to malware and phishing scams. These incidents highlight failures due to development incompetence, as the websites were vulnerable to attacks that compromised their security. For example, Lynda Zugec's HR consultancy site was flagged and quarantined by Google after hackers obtained her hosting password and inserted malware into her website, leading to a significant impact on her business and reputation [23214].
(b) The article also mentions incidents where websites were attacked, causing significant disruptions and financial losses to the businesses. These incidents can be categorized as accidental failures, as they were not intentional actions by the businesses but rather unexpected events that occurred due to external factors such as cyberattacks. For instance, Margo Schlossberg's online handbag business was hacked, leading to a drop in traffic and sales, impacting her business during a crucial sales period [23214]. |
| Duration |
permanent |
(a) The articles mention instances where websites were hacked and subsequently blacklisted by Google, leading to a significant impact on the businesses involved. For example, Margo Schlossberg's online handbag business was hacked in September, and as a result, her website was still flagged as "may be hacked" by Google, leading to a 50% drop in traffic and minimal sales [23214]. Similarly, Lynda Zugec's HR consultancy site was flagged and quarantined by Google, and it took her nearly two weeks to get back online, indicating a prolonged impact of the software failure incident [23214].
(b) On the other hand, there are also instances where businesses were able to recover from the software failure incidents relatively quickly. For instance, Eric Erickson's company faced a hack in 2009 that paralyzed his business for 60 days, resulting in several thousand dollars in lost sales. However, when his site was attacked again in March, he was prepared and caught it early, preventing it from being blacklisted [23214]. This suggests that in some cases, businesses were able to address the software failure incidents promptly and prevent long-term consequences. |
| Behaviour |
omission, value, other |
(a) crash: The article mentions a case where a website was hacked, leading to a significant drop in traffic and sales, indicating a failure of the system to perform its intended functions [23214].
(b) omission: The article discusses instances where websites were hacked, leading to the omission of their intended functions, such as in the case of Margo Schlossberg's online handbag business where the site was hacked, impacting traffic and sales [23214].
(c) timing: There is no specific mention of a timing-related failure in the articles provided.
(d) value: The article mentions cases where websites were hacked, resulting in the system performing its intended functions incorrectly, such as in the case of Lynda Zugec's HR consultancy site where hackers inserted malware into the website [23214].
(e) byzantine: The articles do not provide information about a byzantine-related failure.
(f) other: The other behavior observed in the articles is the system being flagged and quarantined by Google due to malware or phishing scams, impacting the reputation and sales of businesses [23214]. |