Melbourne IT runs microscope over servers, backdoors

Melbourne IT has resolved to improve security processes for its clients, inviting in security specialists to "forensically review" the company's procedures and infrastructure to eliminate any potential weaknesses.

Chief executive Theo Hnarakis said the hosting provider had taken the opportunity to review systems after hackers breached servers hosting data for Queensland Government departments and AAPT last month.

"These sorts of things happen, it's a bit like getting your house broken into — the front door's locked and you've got an alarm on the property but there's always the possibilty someone might throw a brick through the window," Hnarakis said.

"So we're enhancing our procedures to make sure that all avenues in future are secure."

The breach saw hackers claiming to be part of an Anonymous splinter group deface the government websites and steal a 12-month-old backup of AAPT's business website, through a well-known vulnerability in Adobe's ColdFusion web application server that had remained unpatched at Melbourne IT.

However, Hnarakis maintained the hack had not adversely affected customer relations and the company had lost no clients as a result of the issue.

"In fact, most of the dialogue we're having with customers is around how they can make sure [they're] not vulnerable going forward," he told iTnews.

"[The AAPT breach] has created an awareness amongst a lot of our customers about what they can do to enhance security procedures. We have been working with customers where we believe there might have been a vulnerability to upscale the solution they have.”

'Horrendous' results

Despite minimal adverse effects due to the network breach, other fraud scams and network outages led the hosting provider to report a “pretty horrendous” result from its small-to-medium business services in the first half of 2012.

The domain name registrar posted an 18 percent jump in net profit to $5.8 million for the first half of 2012, but revenue from its SMB eBusinesses Solutions and Global Partner Solutions (GPS) fell 8 percent, with sales dropping from $8.1 million to $5.9 million.

"Our direct SMB business had a quite a few challenges... it's been a tough first half," Hnarakis said.

"We started the year reasonably solidly and then we were attacked by this credit card scam out of Asia. Unfortunately, that clogged up our web sales where we were being smashed by these fraudulent transactions [which meant] real customers couldn't get through."

Microsoft's mass migration from Office Live Small Business to Office 365 caused additional headaches for Melbourne IT's SMB division, which received more than ten times the usual number of phone calls between May and June.

"It created almost a panic move with most of the Microsoft customers and of course they couldn't get through to Microsoft, so they called us," Hnarakis said.

"That jammed up our customer service line and e-business sales line. Instead of selling, we were basically trying to save Microsoft's bacon."

Hnarakis said he expected the SMB division to improve in the next half of 2012 due to "seasonality" factors.

"We do tend to get a lot of the contracts and a spike in spending from the US through to September," he said.

"Typically the first half is slightly softer [so] we should see a subsantal improvement, as we did last year in the second half."

Hnarakis said he was pleased with the results overall, which he described as "reasonable".