Yesterday saw the TD Canada Trust website go down in a denial of service attack, as their web servers were flooded with an overwhelming number of simultaneous requests.

While the attack was unfolding security expert Claudiu Popa, who is the president of Informatica Information Security and author of three books on the topic of privacy and security, watched it happen in real time.

While no personal or business data was compromised, the attack highlights the vulnerability of all organizations that provide online information and services. CanadaOne's co-founder and editor, Julie King, spoke with Popa to understand what small businesses can learn from yesterday's cyberattack.

	What is a denial of service (DoS) attack?
	The ability to cause a security breach by flooding a system with useless data or persistent requests. This makes it impossible for legitimate users to access it and for people to do their work.
	What kind of people are usually behind an attack like this?
	People who have an agenda either to intimidate or to bring attention to a cause.
	Since no customer data was compromised, what do the people behind the attack have to gain?
	They gain exposure and make a name for themselves having impacted a large institution in a major way.
	If compromised computers are manipulated to perform a DoS, what can individuals and businesses do to find out if their computers have been compromised?
	Layered security, up-to-date software, vigilant use of your own computer for unusual behaviour, good anti-virus, properly installed network, adequately configured firewall are all part of a solid strategy to ensure your computer doesn't fall prey to such infections.
	If someone thinks his or her computer is compromised, what would you recommend?
	Scan it with multiple anti-virus software run from a boot disc to bypass the operating system. If that fails, reinstall windows from a "bare metal state". If your business depends on it, call the experts and stick to your core capabilities. Don't be a hero.
	What can small businesses learn from yesterday`s attack on a Canadian bank?
	There are several things for small businesses to understand: Large, well-funded organizations are vulnerable to security attacks, so your company likely is too. Attacks don't have to compromise data to cause significant disruption and financial losses. There is no substitute for proper security testing of online applications AND back end systems. If your business depends on technology, you need a mature, continuous security program in place, not an afterthought. Adopt layered protection to minimize the effect of vulnerabilities that impact individual systems. Denial of service is an entirely different kind of attack than those affecting privacy, so it tends to be underreported and less urgent... until it happens. Explore options that allow your company to survive such attacks. Different companies offer different options and some even provide guarantees.

If you enjoyed this article, be sure to visit CanadaOne's article knowledge base for more informative articles.