The DistributeIT Hacking Story

Brothers, Alex and Carl Woerndle, launched their first company, DistributeIT, during the rise of the domain name boom, back in 2002. The business provided domain name registration and hosting services. 

It was early in the domain registration space, the wild west for online real estate. A time when the Australian Government was scrambling to regulate an exponentially growing market and considerations for cyber security were few and far between. 

The .com.au domain had just been introduced and DistributeIT was one of the first Registrars accredited by auDA (assigned by the Australian Government). Over 9 years the company grew to a considerable size. 

At its peak, DistributeIT had approximately a 10% market share of .com.au domain registrations and a broader Domain Name portfolio, equal to a quarter of a million domains registered and over 30,000 hosting clients.  

On the books, the business looked like nothing but good news. Although, that was all about to change. 

Incident alert 

Alex and Carl were both aware the company was not immune to cyber attacks. As a technology provider, dealing with hardware and software errors, network interruptions and attempted cyber attacks was commonplace. They were confident they could handle most scenarios given the mounting experience. Unfortunately, they were wrong. 

On Friday, June 3, 2011, at around 5pm the first domino fell. Alex and Carl received an alert that hackers had penetrated their IT defences and managed to get access to their network. Someone appeared to be in the network and trying to access the gateway server that was used to access the infrastructure inside. 

DistributeIT’s networks and systems were not directly impacted but the company did password resets for all clients and a major cleanup/rebuild of the IT infrastructure to remove the hacker’s access. 

Nightmare stage 

Just over a week later, the same hackers were back. It was immediately clear this was not just any ordinary hackers rummaging around trying to break in or break things. The intruders had top level access. They had broken in at an administrator level and begun to systematically attack the infrastructure.  

The hackers’ first action was to deface DistributeIT’s website. Then they did much worse—they locked out the entire DistributeIT team and started systematically destroying hard drives to delete all data. 

The only way to stop the attack was to pull the plug on the entire network. And that is exactly what Alex and Carl did. 

In 30mins the hackers had done enough damage to destroy everything Alex and Carl had built over 9 years. 

Dissolution of DistributeIT 

They didn’t know that at the time of course. They worked for the next 2 weeks to rebuild the infrastructure and communicate with impacted customers, resellers, global media and regulators. Even fielding emails from the highest levels of the Federal Government about what the breach meant for users and the broader internet community.  

But the dominoes had already fallen. The company’s size was ultimately what took it down. Too many clients relied on DistributeIT’s service, and so regulators considered the downtime too serious. To appease regulators and continue the recovery efforts, the directors were forced to fire sale the assets of the business to a competitor. 

Within 3 weeks of the initial intrusion, DistributeIT liquidated. And at that moment, it was all gone.  

The cyber attack was large enough and public enough, the hacker group, Anonymous, sent an email to Alex and Carl saying it was not them.

After handing over the keys to the purchaser, Alex and Carl went and sat in a coffee shop, not saying a word to one another, contemplating how they had lost everything.  

That was the day cyber security became the bullseye for both—they were determined to never let someone experience what they had gone through (and would continue to go through for years to come). 

A new mission 

MyEmpire Group is the answer to ‘what would have saved us last time’ but with modern technology and the evolving cyber threat landscape considered. It is the in-house cyber security specialists, the knowledge and resources needed to protect companies from today’s sophisticated cyber attacks.