As someone running an internet business, my heart goes out to all of those who have seen their websites – and in some cases their entire businesses – destroyed or decimated in the Distribute.IT hacking scandal.
The idea that 4800 websites could simply evaporate should scare the pants off entrepreneurs. All those pieces of data gone. All those bits of content. All those carefully collected customer details. As one poster on Whirlpool’s forums said yesterday, there are people who have lost their “life’s work” in this attack.
Not surprisingly, the question this morning is: Who is to blame?
Plenty of fingers are pointing at Distribute.IT. According to our report today from SmartCompany, the firm’s infrastructure appears to have been lacking in some respects. Certainly, communications since the attack have been poor, although you could imagine the company’s staff would be focused on fixing their shocking problems first, and talking to customers second.
But many industry figures, including Rob Forsyth, director of the Internet Society of Australia and managing director of internet security company Sophos, are calling for the hackers – who at present remain unidentified – to be bought to account under tougher cybercrime laws.
Forsyth has also made the point that laws are needed to force companies to reveal to customers when data is lost or hacked. It’s something the Privacy Commission is looking at.
Distribute.IT and the hackers must share the blame. But unfortunately, the blame game won’t bring much joy for the victims here. It’s hard to imagine a small web-hosting firm like Distribute.IT will have much scope to pay compensation to those affected and it’s highly unlikely regulators or law enforcement bodies will manage to convict anyone over this hacking incident.
But there are a few basic lessons we can learn from this event.
Firstly, every entrepreneur should be calling their web hosting provider (or getting their IT person to do it) to make sure they have appropriate systems and processes in place to defend against a cyber attack and/or to recover data lost in an attack.
Secondly, every entrepreneur should realise there is a high probability they will be hit with some sort of cyber attack in the future. Fingers crossed it will be much less dramatic than what we’ve seen at Distribute.IT, but the odds of escape unscathed are tiny. With this in mind, businesses need to take cyber security seriously.
Are there security or back-up measures you’re not currently using? If so, it’s time for a rethink.
James was the editor and publisher of SmartCompany and LeadingCompany for five years. He is now the Australian Financial Review‘s companies & markets editor, and a former BRW editor.
Comments