Cyber police in Victoria have been praised by a computer training and support company after helping it resolve a domain name hijacking.
The Computer Crime Squad of Victoria Police has identified an offender and hopes to bring charges before the courts once investigations have been finalised.
It will be the first time anyone has been prosecuted under the state’s new Crimes (Property Damage and Computer Offences) Act 2003, that was passed last month.
Melbourne-based, Quicknowledge, that provides services for consumer and SOHO users, came under attack on May 19. For a period of up to 24 hours, emails were being redirected to a different location and nobody could log on to the company website.
This created problems because Quicknowledge has a national network of more than 300 technical field consultants across Australia and New Zealand who access the site every day to get job details and provide customer feedback.
“You have to be cost effective in the consumer market so the whole thing is run on the Internet,” Quicknowledge CEO, Ken Wortley, said.
The company is still trying to put a financial figure on the damage caused through missed appointments that needed to be rebooked but a spokesman said the main trouble relates to how the company is perceived.
After realising something was wrong, Quicknowledge contacted its domain name registrar, Melbourne IT, to find out what had happened.
Melbourne IT had received a faxed request on Quicknowledge headed paper from somebody claiming to be the company’s IT manager.
This person had also provided the Quicknowledge registry key, similar to a pin number, organising them to make changes.
“It may have been a former employee, contractor or someone else with inside information,” alleged Melbourne IT media and investor relations advisor, Tom Valenta.
“We are always looking to improve security because these things happen from time to time, but we are operating in a frontier industry. It is a bit like somebody getting the pin number to your bank card, it is very difficult to guard against,” he said.
Quicknowledge referred the matter to Victoria Police.
Investigations have so far revealed at least four companies that have been targeted. Not all of them are IT firms and not all of them are in Victoria.
Police are hoping to bring charges against one man for unauthorised modification of data to cause impairment. Under the Crimes Act legislation, that gives police new search and seizure powers for computer offences, these offences are no longer summary and carry a maximum jail term of up to 10 years.
“It’s good for our industry that a lot of these delinquents who make a sport out of screwing people up are facing serious legislation and action is happening,” Wortley said.
“There are some real teeth in this legislation and, if it deters anybody, it’s a plus. Great credit must go to the police and the registrar for addressing this problem so quickly.”
His thoughts were echoed by Melbourne IT.
“We welcome any prosecution because it sends a message to the next person,” Valenta said. “But there will always be someone out there willing to try it on.”
Wortley said he would be looking to recover damages through the civil courts once criminal proceedings had been resolved. Police advised companies to keep an eye on email and website processes, stressing they should be contacted as soon as anybody finds anything suspicious.