Skip to main content

Attack against TD website likely a prank, expert says

SHANNON STAPLETON/REUTERS

The cyber attack that bogged down Toronto-Dominion Bank's website this week was most likely a prank to attract attention, rather than a threat to sensitive financial data, says an expert in computer hacking.

Iain Kenny, a partner at MNP Investigative and Forensic services in Calgary who studies hacking efforts against companies, said the type of attack that stalled TD's website Thursday is becoming increasingly easy for low-level hackers to execute, but is more of a nuisance for companies than a risk to their security.

TD, the second-largest bank in Canada, disclosed it was the victim of a "targeted" attack that caused its website to go offline for about four hours starting in the morning. Known as distributed denial-of-service (DDoS) attacks, the incidents involve a virus infecting numerous computers and using them to barrage a website with requests for information. Eventually the website clogs up from the surge in traffic and legitimate users are unable to access the site.

Story continues below advertisement

"It's like drinking from a fire hose. At the end of the day, there's no loss of data, no detrimental harm to the infrastructure or the systems. But it makes [the site] unavailable for the average citizen to conduct transactions, which will obviously have a reputational impact for the business," Mr. Kenny said.

"It's no similar or different to a group of protesters marching down the street and blocking an intersection so people can't get to work, or can't get their car to the office," he said. "It's exactly that, except it's happening on the cyber highway instead of the street corner outside your office. And it can be accomplished by one individual."

TD spokeswoman Barbara Timmins said Friday that customer data were not compromised, and the bank continues to monitor the situation. Customers were mostly unable to log-in during the four-hour period, and those who could sign on experienced delays.

Though it's not clear who targeted the bank, Mr. Kenny said such attacks are done increasingly for notoriety among hackers.

"We're seeing more organizations or groups take credit for these types of activities. It's no different than graffiti taggers: they don't gain anything at the end of the day, other than notoriety and reputation," Mr. Kenny said.

"This is very likely just a small group that's basically trying to create more of a political statement than anything else."

Report an error Editorial code of conduct
Tickers mentioned in this story
Unchecking box will stop auto data updates
Comments

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff.

We aim to create a safe and valuable space for discussion and debate. That means:

  • Treat others as you wish to be treated
  • Criticize ideas, not people
  • Stay on topic
  • Avoid the use of toxic and offensive language
  • Flag bad behaviour

Comments that violate our community guidelines will be removed.

If your comment doesn't appear immediately it has been sent to a member of our moderation team for review

Read our community guidelines here

Discussion loading ...

Due to technical reasons, we have temporarily removed commenting from our articles. We hope to have this fixed soon. Thank you for your patience. If you are looking to give feedback on our new site, please send it along to feedback@globeandmail.com. If you want to write a letter to the editor, please forward to letters@globeandmail.com.