[UPDATE Tuesday] Local Internet Provider Hacked; Ransom Demanded in Bitcoin; Emails Halted

asis logo normalA local Internet service provider in Garberville had a server attacked and their customers lost email service. Businesses, schools, and private individuals are without the ability to make or send an email. According to Sally Then, owner of Asis.com, “Yesterday morning some hackers from out of the country server attacked and encrypted [our data] in a ransomware attack. The attackers were demanding a ransom payment in bitcoin.”

Asis’s email and web page haven’t been working since yesterday although internet service to their customers wasn’t affected.

Then doesn’t yet know if the online raid was accomplished with the same ransomware that created the Wannacry cyberattack that jammed up the United Kingdom’s Health Service in May.

Then said her experts are busy trying to get email service back to Asis’s customers. She explained,

My service administrators took [the server] offline to isolate it from further attack. They are working from our backup snapshots and they have a new server in place and waiting for them to complete populating it with the needed data.

 

According to Then, the customers of Asis haven’t had any personal data stolen. “Nobody’s personal data was accessed or compromised,” she said. “All of our customer data is in a totally different server. They don’t need to worry about that.”

UPDATE 8:37 p.m.: Sally Then tells us:

I received an update from the ASIS system administration techs at 7:26 p.m.

They are making good progress, and will continue working into the night. There are many crucial logistics involved in restoring email service to working seamlessly for all of us. If things go according to plan, we will be able to start testing inbound email tomorrow.

Jay and I are truly humbled by the patience, kindness and concern our clients have extended to our business during this crisis. We actually had several customers stop by our office today, just to give us a hug. Wow! I wouldn’t have blamed them if they wanted to punch me in the nose.

Our “super hero” techs will continue to provide me with updates, and I will share them as they come in. Please send them good thoughts, as they pull yet another “all nighter” to finish cleaning up this mess.

UPDATE Sunday: Sally Then of Asis announced the restoral of service with a post on Facebook, “You’ve got mail.”

UPDATE Tuesday: Sally Then has another update on the situation:

ASIS email seems to be working for everyone but a few people.  If you are not receiving email, please call the office (leave a message if we are not there) and please include your email address in the message.
Web services will be up soon.  Note:  Webmail will not be available until web service is restored.
Jay and I would like to thank everyone, for your patience, support, and kind words during this difficult event.  And, a shout out to our tech team, who have been working round the clock for days.
Facebooktwitterpinterestmail

Join the discussion! For rules visit: https://kymkemp.com/commenting-rules

Comments system how-to: https://wpdiscuz.com/community/postid/10599/

Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

34 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
Cowabunga
Guest
Cowabunga
6 years ago

Were the customers emails compromised? If so, their personal data may also have been compromised.

thouroughly read
Guest
thouroughly read
6 years ago

Cowabunga, did you even read the article?

Guest
Guest
Guest
6 years ago

Well obviously not

Cowabunga
Guest
Cowabunga
6 years ago

Yes, I did read it.

Guest
Guest
Guest
6 years ago
Reply to  Cowabunga

O? Ok then lol, well it says plane as day no personal data was compromised

Cowabunga
Guest
Cowabunga
6 years ago
Reply to  Guest

I do not see it mentioned specifically whether or not any emails were accessed. If they were, those emails could contain personal data.

Seamus
Guest
Seamus
6 years ago
Reply to  Guest

The provider implied that no customer data was removed from their servers, cowabunga implied that if personal emails were taken, they might have contained personal data. A legitimate question.

witness digital
Guest
witness digital
6 years ago

if its wannacry ransomware then I would question the competence of asis.com for running servers on windows… or having ANY critical infrastructure running on ANY Micro$oft products whatsoever…

a security pundit

Dan Fuller
Guest
Dan Fuller
6 years ago

Do you mean “Micro$haft” products??? >;-]]

Seamus
Guest
Seamus
6 years ago

If it was wannacry, I would question their (asis) failure to install a security patch that would have prevented the hack, a patch released in mid March.

hmm
Guest
hmm
6 years ago

A common old wives tale, told amongst the computer barely-literate. Its somewhat true for home users, since there are so many fewer options out there for apple products, in terms of software, and less control over the operating system. Basically it’s harder for dummies to screw themselves over with apple. Windows does have a large user base and thus more people targeting windows operation systems.

http://www.ibtimes.com/nope-apple-computers-arent-more-secure-windows-theyre-just-attacked-less-2334220

https://ion.icaew.com/itcounts/b/weblog/posts/cyber-security-tip-of-the-week-10—are-apple-macs-more-secure-than-windows

Technical John
Guest
Technical John
6 years ago
Reply to  hmm

Linux servers are more secure than Windows. Linux servers are attacked ALL THE TIME because they are all over the internet and publicly accessible.

But more to the point, Linux tends to stay secure over much longer periods of time as well. Most distributions have a 5 year security patch window. But since you can upgrade for free, there’s hardly ever a situation where you wouldn’t have a server with anything older than a 2 year old OS.

Security101
Guest
Security101
6 years ago
Reply to  Technical John

Linux, windows or any computing platform is only as secure as your systems administrator makes it. Please explain to me how a Linux server “stays” secure, I am very interested. A much more truthful statement should be that Microsoft is a multi-threaded Operating System and that spawn of processes makes it have single points of failures that make a hackers job easier. All systems are vulnerable and the only way to truly ever secure a computer is to turn it off!!!

ED Denson
Guest
ED Denson
6 years ago

Well, the news gets local. We use asis and I suggest people wanting to email me use texts instead.

Guest
Guest
Guest
6 years ago

Damn! I just won the Nigerian lottery again too! All I had to do was wait for the email to confirm where I need to send my 1500$ in Walmart money orders by today! Please hurry!

Dan Fuller
Guest
Dan Fuller
6 years ago
Reply to  Guest

OMG(s) NO!!!! Tell me it ain’t true!!! You poor thing you, I hope you & Mall Wart can agree to disagree or w/e the case may or may not be!!!! ;op

visitor
Guest
visitor
6 years ago
Reply to  Guest

‘Welcome to 419eater, the largest (and best) scambaiting site on the internet.’
Make sure to check out the “Hall of Shame” and “The Trophy Room”.

http://www.419eater.com/

“So what is scambaiting? Well, put simply, you enter into a dialogue with scammers, simply to waste their time and resources. Whilst you are doing this, you will be helping to keep the scammers away from real potential victims and screwing around with the minds of deserving thieves.

It doesn’t matter if you are new to this sport or a hardened veteran; if you are wasting the time of a scammer, or frustrating them in any way well that’s good enough for us, and we would welcome you to join with our now very large community.

Although this site concentrates mainly on the Nigerian 419 scam, we are happy to deal with other types of scams if and when the opportunity arises. We also have a large team of experts dedicated to the removal and closure of fake scammer banks and sites.

Even if you are a newcomer, much fun can be had and at the same time you will be doing a public service. If you are new to this game and need to know what scambaiting is all about, please click on the 419 FAQ link at the top of the page. See also Baiting Tips for information on getting started on this great cyber-sport

We encourage everyone to contribute to this site and the good cause of scambaiting by joining in the fun on the FORUM where you can meet new friends and seek expert help, tips and advice on anti-scamming. User participation is absolutely encouraged. Please help us to raise awareness the world over!

Do not be fooled into thinking scammers operate from a specific part of the world. Advance fee fraud scammers are a world-wide menace, and they operate from every continent. These scammers range from small one-man-band criminals scamming a few thousand dollars a year, to highly organised groups raking in hundreds of thousands of dollars a month.”

Sean
Guest
Sean
6 years ago

I laugh at the last line:

“All of our customer data is in a totally different server. They don’t need to worry about that.”

So let’s taunt the people who, apparently easily, gained access to our server and screwed it up. THAT won’t come back and bite us…

Dan Fuller
Guest
Dan Fuller
6 years ago
Reply to  Sean

No doubt, they’re all Neener Neener etc you missed this!!! Oh Sh!t they got us again on the other one this time!!!

Livin' Easy
Guest
Livin' Easy
6 years ago

“Then, Then said the email service was hacked”. (Not a quote from the article), but grammatically interesting last name when trying to write with it. Gotta love it !!!

Techie
Guest
Techie
6 years ago

Of course ASIS doesn’t run Windows. It’s running Linux, a version of UNIX. So not wannacry. These hackers could care less about your personal data. They want ransom in bitcoin, an internet currency that is very hard to track back to them. I just heard tell of a large hosting company with 153 servers who were infected and had to pay a million dollars to get their servers back. https://news.fastcompany.com/south-korean-web-host-pays-1-million-to-ransomware-attackers-4041212. Ransomware costs the world about 1 billion a year. 🙁

Bigfoot
Guest
Bigfoot
6 years ago
Reply to  Techie

How do you know they’re not running windows.

red tail hawk
Guest
red tail hawk
6 years ago

ASIS is my home page, and when I booted up 2 days ago, all I saw was the list of every one of their customers’ e-mails, with live links. No, I didn’t click on them, but if anyone did, they might have exposed themselves to a virus. Once ASIS shut down access, the data was supposedly protected. Kinda like locking the barn door after the horses have escaped. smh

Sky Writer
Guest
Sky Writer
6 years ago

Maybe they will accept PotCoin in ransom payment instead.

visitor
Guest
visitor
6 years ago
Reply to  Sky Writer

comment image

Diesel Dually
Guest
Diesel Dually
6 years ago

Seems like someone got mad about the bill, or something. I call ASIS the “expensive internet company”. At least it’s better than Wave…

Dan Fuller
Guest
Dan Fuller
6 years ago
Reply to  Diesel Dually

I’ll bet it’s better than Exede or any other satellite ISP!!! But sadly where I live (in Swain’s Flat on Hwy 36 I have my choice od satellite or Dial up basically, take it or leave it!!! I cannot have access to the Fiber Optic line literally right across the road from me because AT&T sez it’s for “Redundant backup for the original one coming up Hwy 101!!! Not to mention with the prices my ISP wants all I can afford is the10 gig cap plan, which takes NO TIME at all to burn up watching a few videos in HD!!!

Satisfied
Guest
Satisfied
6 years ago
WTF
Guest
WTF
6 years ago
Reply to  Satisfied

Not for streaming you will be over the limit with one titanic video in one month that’s it . Nothing more

Anon Forrest
Guest
6 years ago

I find it very interesting that the net-nappers would choose an rural area with a low-density population. They must think there’s a lot of money up here… Or maybe they just checked for an abundance of mega-pickups, white and shiny of course.

Bigfoot
Guest
Bigfoot
6 years ago
Reply to  Anon Forrest

They most likely sent the ransom out to thousands if not millions of computers and we were unfortunate enough to get infected.

Max
Guest
Max
6 years ago

It’s highly unlikey all personal information about users is housed on a separate “safe” server that wasn’t accessed during a hack that took down an entire system. But most people don’t understand what system hacks mean or entail, or what a system being hacked really means. There are a lot of different reasons for hacking a system. Some of them having nothing to do with accessing data account information.

BoomerTech
Guest
BoomerTech
6 years ago

After days of being down, we called for the third time to find out what was going on. Sally told us was that the system was down in ‘our area’ and that they would put us on the ‘service list’ and that we should be up in a couple of hours. That was yesterday 6/23 at 2:30pm. Today, we called and just got the voicemail again.

Did a little more searching on the internet and found this post. Super disappointed because they never mentioned being hacked and that everybody was down. We expect more from our service providers. How about a little honesty for your customers? And some updates?

commenter
Guest
commenter
6 years ago

well it opened up a little yesterday and a couple emails slipped in,
but there is still a group of old ones hoping to slide in…
where can we get official word of what is going on…
Kym?