Are Hackers to Blame for Brokerage Outages? ThousandEyes Thinks So

February 7, 2018 — 1:19 PM EST

Online brokerages from Charles Schwab to Betterment suffered outages earlier this week as investors sold off stocks in droves Monday and then got back into the market Tuesday. While the online brokerages cited huge trading volumes for the disruptions, all of which were temporary, network monitoring company ThousandEyes thinks something more nefarious is going on.

While the firm acknowledged that the online brokerages and robo-advisors were overloaded during market hours Monday and Tuesday, it also saw evidence of a DDoS attack – otherwise known as distributed denial of service attack. With a DDoS attack, a hacker tries to make a website inoperable by bombarding it with traffic from multiple sources.

[Ally Invest offers powerful charting tools and $4.95 trades. Read Investopedia's Ally Invest review to learn more about this low-cost broker.]

"Our data on the affected websites certainly shows evidence of overloaded infrastructure in some cases. But interestingly, we also saw evidence of the potential symptoms of some DDoS attack traffic in the mix," said Alex Henthorn-Iwane, vice president of product marketing at ThousandEyes, in an email statement. "It's not surprising that an attacker would seek to take advantage of an already pressurized time on trading site infrastructure and networks."

According to ThousandEyes, it saw a spike of high data loss in a major internet service provider and  DDoS mitigation provider networks for 20 minutes, which it said could have been an attack that was detected and taken care of. After that, there was around 40 minutes in which the infrastructure of financial services sites were "overwhelmed," Henthorn-Iwane said.

The brokerages that faced disruptions so far this week include Charles Schwab, Vanguard, T. Rowe Price, TD Ameritrade, Merrill Edge, Fidelity Investments, Wealthfront and Betterment. In the case of Betterment and Wealthfront, the outages mark the first time these robo-advisors have had to deal with a huge sell-off in the markets. After all, many of these pure play robo-advisors entered the market in the past few years as stocks have been marching higher. Up until January, stocks have increased for 15 months in a row.

While the online brokerages and robo-advisory services are blaming the outages on higher-than-usual traffic thanks to a more than 1,000-point drop in the Dow Jones Industrial Average Monday and a whipsawing stock market Tuesday, DDoS attacks are common, happening to many high-profile companies in recent years. For example, in October 2016, a DDoS attack of domain service provider Dyn resulted in a massive web outage that shut down more than 80 websites including Twitter, Amazon, Spotify, Airbnb, Paypal and Netflix.