By Leonie Lamont
WHEN Mike Taylor, the managing editor of Money Management logged into his email account early on Monday, there was a message that stopped him in his tracks: ''From saddsad: 6 Feb 7.48 I started the attack on your site, so I stopped her. you have to pay me. contact with me.''
Money Management, part of the Reed Business Information stable of trade and financial magazines and websites, had been attracting a level of hits advertisers could only dream of. But the 2 million hits were not from genuine users, but thousands of compromised computers, principally in Mexico and South America, bombarding the site every second in a distributed-denial-of-service (DDos).
Monday blues: Zenia Khodr, Mike Taylor and Phil Craig had a shocking start to the week.
Publisher Zeina Khodr was also sent the email. ''No one has claimed responsibility for the attack, and that is strange,'' Ms Khodr says. There has been no further communication.
With the co-operation of the Money Management team, The Age has been able to observe how a business copes with an attack out of nowhere.
It was a week when Reed Business Information's IT director, Phil Craig, was thrust into the dark side of the internet. ''We identified at least 4500 different computers from 50 different countries hitting Money Management. When we manually blocked some . . new ones would take their place.''
CERT Australia - the national Computer Emergency Response Team, part of the Attorney-General's Department - was monitoring the soaring traffic live and contacted the company within an hour of the attack being launched. Mr Craig says it identified a ''fairly new and aggressive bot called 'Dirt Jumper' as the culprit''.
''The predicament with this Dirt Jumper is that that for $20, you can buy a two-hour attack on a site,'' Mr Craig says. ''For $600 you can get a gigabit per second [attack] for a week. And for $10 they will do a test for you. We can see two spikes in our traffic over the past couple of weeks, and in hindsight …''
In the early hours Mr Craig flagged the attack with the Australian Federal Police cybercrimes unit, and Google - as the ''saddsad'' email came from a gmail account. CERT Australia advised Ms Khodr and Mr Taylor not to respond to the email as it was likely to prolong the attack.
The attack was directed at a few pages of the Money Management, Reed Business and Mardev websites. The sites are part of the global empire of business-to-business publisher Reed Elsevier, a leading financial, scientific, legal and trade publisher. In its annual report filed with the New York Stock Exchange, Reed Elsevier (RUK) had revenue of $US9.4 billion, and profits of $US1 billion in 2010. Reed Business Information accounted for about 6 per cent of profits.
Mr Taylor and Ms Khodr are perplexed why Money Management would be targeted. It not a transaction site - unlike online broking site Etrade, hit with a dedicated denial of service for two weeks in December. When Etrade was attacked, security experts said it could be a smokescreen as the perpetrators sought to find confidential information.
The continued threat of these attacks was highlighted last week when the Reserve Bank tendered for computer security companies to protect its internet connectivity.
While Mr Craig's team worked with their webhost CloudFlare, and CERT, the editorial side of the business started distributing its stories via social media and emailing its newsletter as a PDF.
On Tuesday, it was decided to route Money Management through a different webhost, which specialised in protecting against DDos attacks. The site is open for business again. Mr Taylor has yet to quantify the dollar damage. At 7.45am on Wednesday, two days after the attack began, the DDos attack on Reed Business and Mardev sites stopped. It continues against Money Management.