How I was hacked, and how justice was done.

Two years ago my web-hosting business was annihilated by a malicious hacker, and as a result was out of action for a considerable amount of time.  This happened after a period of extreme 'hardening' (securing) activity had been carried out by myself and my infrastructure providers.  At the time I tried to explain to my clients just how extraordinary this attack was in light of the phenomenal efforts (and not to mention hours) I had put in tightening the security on the server.  The impact of this attack was exasserabated by a mocking email I received at the time of the final attack from the lead attacker - a person calling himself 'Colonel Root'.

This attack was viewed as particularly grave by the Metropolitan Police e-crime unit and as a result they launched an intensive investigation.  Last Friday as a direct result of the evidence we were able to gather following my own fast thinking (in shutting down the server), and as a result of the remarkable work carried out by The Metropolitan Police two individuals (Zachary Woodham and Louis Tobenhouse) were sentenced for this crime.

This attack severely damaged my professional reputation and directly led to me having to give up my hosting business.  In addition to the financial impact this attack had the complex loss of service that it caused also irrevocably damaged some very long standing relationships I had with clients.

Now that this horrid case has reached a conclusion I owe a huge debt of thanks to the astoundingly understanding and dedicated team at The Metropolitan Police Central e-crime unit, my infrastructure provider (who was taking a well-earned break after recovering from cancer at the time of the attack) and also to a business associate who kindly put me in touch with a world-leading security industry expert who was able to assist me in gathering the evidence needed to bring these criminals to justice.  You know who you are, and I am forever in your debt.  I am also extremely grateful to clients who assisted in this investigation by being willing to give statements to the police.

The Metropolitan police have issued an official statement on the conclusion to this long and difficult case on their website -
http://content.met.police.uk/News/Teenage-internet-hackers-prosecuted/1260268939286/1257246745756

There is no victory to be had here, the last two years have been horrific and deeply upsetting on many levels, and I sincerely wish the entire episode had never happened.  I was (and still am) a stranger to my attackers, this was a vicious and malevolent crime that appears to have been motivated purely by random malice.  That being said I am pleased that Zachary Woodham and Louis Tobenhouse will not be going to prison; instead they have been given an opportunity (via their community service orders) to do something positive and constructive.

Cyber crime is grossly damaging British business, and it is encouraging to knew that The Central E-crime unit are hot on the heels of those who wish to destroy the hard work of companies who ultimately are just trying to get by in the current difficult climate.

Part of the evidence/ witness statement used in court was this blog post written a few months after the attack - http://lawsie.blogspot.com/2009/08/to-you-hacker-my-attacker.html

Press coverage

• http://www.dailymail.co.uk/
• http://nationalcybersecurity.net/
• Police Specials 
• TechWorld 
• Ping Zine 
• The Mirror
• The Register (the best coverage in my opinion)  
• Naked Security  
• CSO  
• Mac World  
• Sophos  
• Softpedia 
• The Inquirer 
• Computer World 
• Web Host Industry Review  
• PCR
• in audit 
• IT Pro 
• The Brighton Argus
• SC Magazine 
• Help Net security
• IT Pro portal
• eWeek   
• Eset 

NOTE - I would like to make it clear that while my involvement with PunkyHosting.com came to an end it is still very much a going concern.

For those about to rock, we pray for you.

Me, a few years before my first gig.

Originally published in ‘Lights Go Out’ issue 11, February 2011

Whenever folk talk about the first gig they went to it is assumed (by them) that they'll earn extra points if it was either a very obscure and musically challenging underground act, or if the first band they saw went on to become global megastars.  Now I certainly don't think I'm cool, but I could tell you with some truth that the first gig I ever went to was Blur at the Corn Exchange in Ipswich in mid 1991.  It's certainly true that Blur had just released their second single 'There's No Other Way', and it's undeniable that they went on to a be global megastars, but it wouldn't be truthful of me to tell you that it really was my first ever gig.  You see, my first ever gig was really rather different to that early glimpse of four lads from Colchester who would go on to fame and riches...

I've never made any secret of the fact that I was raised Church of England, and when I say that I mean it in a quite literal sense.  The church that my parents dragged me to every Sunday was a village church and had a fairly robust large congregation of cheerful, friendly and supportive folk.  There were always loads of other kids around and it may be a cliché, but it really was like growing up with an enormous family.  At the time I couldn't understand why most of my friends at school didn't have two or three hundred aunties and uncles like I did.  I don't want to give you the impression that the church was anything like a cult, it was just a huge bunch of very friendly and supportive people, and one that I feel very lucky to have grown up with.

But life in a progressive modern happy clappy church didn't only involve sitting in a medieval building singing along to electric guitars, excitable drumming and watching people holding their hands in the air like they were waiting for someone to throw them an apple, oh no, sometimes we went to other places to hear electric guitars, excitable drumming and to watch people hold their hands in the air like they were waiting for someone to throw them an apple.  And sometimes these events were disguised as rock concerts.

The first gig I ever went to was at The Spa Pavilion in Felixstowe, to watch a band called 'White Harvest'.  Despite having (what in retrospect is) a name that makes them sound like a cross between the Countryside Alliance and the British National Party they were in fact a Christian rock band.  The only thing I can remember about the band was that the drummer was a very nice man from our church called Neville, and that the singer was wearing a Bacofoil jumpsuit.  I hated it, and not just the Bacofoil I hated everything about that gig. 

After much complaining (mine mostly) my dad aided my escape (so some of the complaining may have been his) and we went for a nice wander down Felixstowe promenade to have a look at the arcade machines in the recently opened Felixstowe leisure centre.  If you're the sort of person who likes facts you might be interested to know that this gig was in 1985, which means I was nine years old.

But as far as whether I think anyone's first gig is cool or not, well that's a bit subjective isn't it.  I can't say that anything would excite me more than someone telling me that the first gig they attended was in a pub, and if they told me that pub gig inspired them to pick up an instrument and start creating music of them own then I'd almost definitely think they're cool.

P.S I rang my dad to get the date that Felixstowe leisure centre opened and he denies all memory of this gig ever happening, but being the supporting type of lad that he is he told me not to let facts get in the way of a good story.

The bad idea bike ride - a post mortem.

About a month ago Mark Schorah and I decided that cycling ninety miles from Ipswich to Haverhill and back in aid of The Red Cross sounded like a good idea, so I hopped on my bike and was horrified that I could only go about four miles without getting a pounding headache and seeing flashing lights in front of my eyes. If you want to know more about why we committed to this very bad idea look here - http://lawsie.blogspot.com/2011/04/born-to-ride-pensively-prepared-for.html

Much against everyone's advice Mark (a.k.a 'Trumpet') and I took off from Ipswich at about 8am yesterday and cycled to Haverhill and back.  But we had a problem, and that problem was that we'd only racked up about 75 miles, so we cycled through Ipswich and out the other side until we reached Martlesham Heath.

We both hurt like hell today, but the important thing is that we did it, and we raised a lot more money for the red cross than we expected to!  I'm personally quite proud that I managed to keep pace with Mark despite the fact he's young enough that (biologically speaking) I could be his father.

If you would like to know more about how this epic ride went then why not watch this short video:



It's still not too late to donate some money, and if you do so online (and you're a UK taxpayer) the government will add a little something extra to your donation at no cost to you!