| Recurring |
unknown |
<Article 11373> does not provide information about the software failure incident happening again at either the same organization or at multiple organizations. Therefore, the answer to this question is 'unknown'. |
| Phase (Design/Operation) |
design, operation |
(a) The software failure incident in this case can be attributed to the design phase. Edward Pearson, the hacker, coded trojan viruses like Zeus, SpyEye, and Python to automatically scour the internet for personal details. His Python program successfully downloaded the details of 200,000 PayPal accounts. Additionally, Pearson hacked into the systems of Nokia and AOL to gain access to employees' details and other sensitive information, causing a significant negative impact on Nokia, which had to shut down its networks for two weeks while checks were carried out [11373].
(b) The software failure incident can also be linked to the operation phase. Pearson's girlfriend, Cassandra Mennim, used stolen credit card details and PayPal accounts to book rooms at luxury hotels, triggering a police inquiry. This misuse of stolen personal details for financial transactions highlights an operational failure in the system's security and control measures [11373]. |
| Boundary (Internal/External) |
within_system |
(a) within_system: The software failure incident in this case was primarily within the system. Edward Pearson, a computer hacker, used trojan viruses he coded to automatically scour the internet for personal details, successfully downloading the details of 200,000 PayPal accounts [11373]. Pearson also hacked into the systems of Nokia and AOL to gain access to employees' details and other sensitive information, causing a significant negative impact on Nokia, which had to shut down its networks for two weeks [11373]. These actions were all carried out using software tools and techniques developed by Pearson, indicating that the failure originated from within the system. |
| Nature (Human/Non-human) |
non-human_actions, human_actions |
(a) The software failure incident in this case was primarily due to non-human actions, specifically the use of trojan viruses like Zeus, SpyEye, and Python by the hacker Edward Pearson to automatically scour the internet for personal details [11373]. These trojan viruses were coded to download personal details from accounts, such as the 200,000 PayPal accounts that Pearson's Python program successfully targeted. The incident also involved the shutting down of part of Nokia's internal network for two weeks after Pearson hacked in and copied the details of over 8,000 staff members [11373].
(b) Human actions also played a significant role in this software failure incident. Edward Pearson, the hacker, used his considerable expertise and coding skills to carry out sophisticated and planned frauds, including stealing credit and debit card details, postcodes, passwords, names, and dates of birth of more than eight million people in the UK [11373]. Pearson's girlfriend, Cassandra Mennim, was also involved in the incident as she tried to pay for luxury hotels using stolen credit card details and triggered a police inquiry [11373]. Pearson's actions were described as not for financial gain but more as an intellectual challenge, showcasing the human element in the failure incident. |
| Dimension (Hardware/Software) |
software |
(a) The software failure incident in this case was primarily due to software-related factors rather than hardware-related factors. The incident involved a computer hacker, Edward Pearson, who used trojan viruses to download credit card details and personal information of over eight million people [11373]. Pearson coded trojan viruses like Zeus, SpyEye, and Python to automatically search for personal details on the internet, successfully downloading details from 200,000 PayPal accounts [11373]. Additionally, Pearson hacked into the systems of Nokia and AOL to access employees' details and sensitive information, causing a significant negative impact on Nokia, which had to shut down its networks for two weeks [11373].
(b) The software failure incident was caused by software-related factors originating in the actions of the hacker, Edward Pearson. Pearson's use of trojan viruses and other software tools to illegally acquire personal details and credit card information led to the software failure incident [11373]. Pearson's sophisticated and planned frauds, including hacking into various systems and stealing sensitive information, highlight the software-related nature of the incident [11373]. |
| Objective (Malicious/Non-malicious) |
malicious |
(a) The software failure incident in this case was malicious. Edward Pearson, a computer hacker, illegally acquired personal details of over eight million people, including credit and debit card information, for fraudulent purposes. He used trojan viruses to download thousands of credit card details and other personal information [11373]. Pearson's actions were intentional and aimed at carrying out fraud, demonstrating malicious intent to harm the system and individuals affected by the data breach. |
| Intent (Poor/Accidental Decisions) |
poor_decisions |
(a) The intent of the software failure incident was not accidental but rather due to poor decisions made by the hacker, Edward Pearson. Pearson, described as an 'incredibly talented' boarding school student, carried out the crime for an 'intellectual challenge' [11373]. Despite having advanced computer skills, Pearson used his considerable expertise for criminal intentions, coding trojan viruses to automatically scour the internet in search of personal details and hacking into systems of companies like Nokia and AOL to gain access to sensitive information [11373]. The judge highlighted that the software failure incident was a sophisticated crime where Pearson accessed highly confidential information, putting many individuals at risk of attack, and had a staggering amount of personal details that could have been used for malicious purposes [11373]. Pearson's hacking activities were not for financial gain but rather as an intellectual challenge, showcasing poor decisions in utilizing his skills for illegal activities [11373]. |
| Capability (Incompetence/Accidental) |
accidental |
(a) The software failure incident in this case was not due to development incompetence but rather due to intentional criminal actions by the hacker Edward Pearson. Pearson, described as an 'incredibly talented' boarding school student, used his considerable expertise for criminal intentions, coding trojan viruses to automatically scour the internet for personal details [11373].
(b) The software failure incident was accidental in the sense that the fraud and hacking activities were carried out by Pearson and his girlfriend Cassandra Mennim without the primary motive of financial gain. Pearson's defense lawyer mentioned that the hacking was more of an intellectual challenge for Pearson, and he had not sold the stolen information. The judge also noted that the criminality was not about financial gain but about an intellectual challenge [11373]. |
| Duration |
temporary |
The software failure incident described in the articles can be categorized as a temporary failure. This is evident from the fact that part of Nokia's internal network was temporarily shut down for two weeks after being hacked into by Edward Pearson, causing significant negative impact on the company [11373]. |
| Behaviour |
omission, value, other |
(a) crash: The software failure incident in the article did not involve a crash where the system loses state and does not perform any of its intended functions [11373].
(b) omission: The incident did involve omission where the system omitted to perform its intended functions at instances, such as when the hacker used a trojan virus to download thousands of credit card details and personal information of over eight million people in the UK [11373].
(c) timing: The incident did not involve a timing failure where the system performs its intended functions correctly but too late or too early [11373].
(d) value: The software failure incident did involve a value failure where the system performed its intended functions incorrectly, leading to the theft of personal details and credit card information for potential fraud [11373].
(e) byzantine: The incident did not involve a byzantine failure where the system behaves erroneously with inconsistent responses and interactions [11373].
(f) other: The software failure incident involved a sophisticated and planned fraud carried out by the hacker, utilizing trojan viruses to steal personal details and credit card information, impacting companies like Nokia and AOL, and resulting in financial losses [11373]. |