[UPDATE Tuesday] Local Internet Provider Hacked; Ransom Demanded in Bitcoin; Emails Halted
A local Internet service provider in Garberville had a server attacked and their customers lost email service. Businesses, schools, and private individuals are without the ability to make or send an email. According to Sally Then, owner of Asis.com, “Yesterday morning some hackers from out of the country server attacked and encrypted [our data] in a ransomware attack. The attackers were demanding a ransom payment in bitcoin.”
Asis’s email and web page haven’t been working since yesterday although internet service to their customers wasn’t affected.
Then doesn’t yet know if the online raid was accomplished with the same ransomware that created the Wannacry cyberattack that jammed up the United Kingdom’s Health Service in May.
Then said her experts are busy trying to get email service back to Asis’s customers. She explained,
My service administrators took [the server] offline to isolate it from further attack. They are working from our backup snapshots and they have a new server in place and waiting for them to complete populating it with the needed data.
According to Then, the customers of Asis haven’t had any personal data stolen. “Nobody’s personal data was accessed or compromised,” she said. “All of our customer data is in a totally different server. They don’t need to worry about that.”
UPDATE 8:37 p.m.: Sally Then tells us:
I received an update from the ASIS system administration techs at 7:26 p.m.
They are making good progress, and will continue working into the night. There are many crucial logistics involved in restoring email service to working seamlessly for all of us. If things go according to plan, we will be able to start testing inbound email tomorrow.
Jay and I are truly humbled by the patience, kindness and concern our clients have extended to our business during this crisis. We actually had several customers stop by our office today, just to give us a hug. Wow! I wouldn’t have blamed them if they wanted to punch me in the nose.
Our “super hero” techs will continue to provide me with updates, and I will share them as they come in. Please send them good thoughts, as they pull yet another “all nighter” to finish cleaning up this mess.
UPDATE Sunday: Sally Then of Asis announced the restoral of service with a post on Facebook, “You’ve got mail.”
UPDATE Tuesday: Sally Then has another update on the situation:
ASIS email seems to be working for everyone but a few people. If you are not receiving email, please call the office (leave a message if we are not there) and please include your email address in the message.Web services will be up soon. Note: Webmail will not be available until web service is restored.Jay and I would like to thank everyone, for your patience, support, and kind words during this difficult event. And, a shout out to our tech team, who have been working round the clock for days.
Join the discussion! For rules visit: https://kymkemp.com/commenting-rules
Comments system how-to: https://wpdiscuz.com/community/postid/10599/
Were the customers emails compromised? If so, their personal data may also have been compromised.
Cowabunga, did you even read the article?
Well obviously not
Yes, I did read it.
O? Ok then lol, well it says plane as day no personal data was compromised
I do not see it mentioned specifically whether or not any emails were accessed. If they were, those emails could contain personal data.
The provider implied that no customer data was removed from their servers, cowabunga implied that if personal emails were taken, they might have contained personal data. A legitimate question.
if its wannacry ransomware then I would question the competence of asis.com for running servers on windows… or having ANY critical infrastructure running on ANY Micro$oft products whatsoever…
a security pundit
Do you mean “Micro$haft” products??? >;-]]
If it was wannacry, I would question their (asis) failure to install a security patch that would have prevented the hack, a patch released in mid March.
A common old wives tale, told amongst the computer barely-literate. Its somewhat true for home users, since there are so many fewer options out there for apple products, in terms of software, and less control over the operating system. Basically it’s harder for dummies to screw themselves over with apple. Windows does have a large user base and thus more people targeting windows operation systems.
http://www.ibtimes.com/nope-apple-computers-arent-more-secure-windows-theyre-just-attacked-less-2334220
https://ion.icaew.com/itcounts/b/weblog/posts/cyber-security-tip-of-the-week-10—are-apple-macs-more-secure-than-windows
Linux servers are more secure than Windows. Linux servers are attacked ALL THE TIME because they are all over the internet and publicly accessible.
But more to the point, Linux tends to stay secure over much longer periods of time as well. Most distributions have a 5 year security patch window. But since you can upgrade for free, there’s hardly ever a situation where you wouldn’t have a server with anything older than a 2 year old OS.
Linux, windows or any computing platform is only as secure as your systems administrator makes it. Please explain to me how a Linux server “stays” secure, I am very interested. A much more truthful statement should be that Microsoft is a multi-threaded Operating System and that spawn of processes makes it have single points of failures that make a hackers job easier. All systems are vulnerable and the only way to truly ever secure a computer is to turn it off!!!
Well, the news gets local. We use asis and I suggest people wanting to email me use texts instead.
Damn! I just won the Nigerian lottery again too! All I had to do was wait for the email to confirm where I need to send my 1500$ in Walmart money orders by today! Please hurry!
OMG(s) NO!!!! Tell me it ain’t true!!! You poor thing you, I hope you & Mall Wart can agree to disagree or w/e the case may or may not be!!!! ;op
‘Welcome to 419eater, the largest (and best) scambaiting site on the internet.’
Make sure to check out the “Hall of Shame” and “The Trophy Room”.
http://www.419eater.com/
“So what is scambaiting? Well, put simply, you enter into a dialogue with scammers, simply to waste their time and resources. Whilst you are doing this, you will be helping to keep the scammers away from real potential victims and screwing around with the minds of deserving thieves.
It doesn’t matter if you are new to this sport or a hardened veteran; if you are wasting the time of a scammer, or frustrating them in any way well that’s good enough for us, and we would welcome you to join with our now very large community.
Although this site concentrates mainly on the Nigerian 419 scam, we are happy to deal with other types of scams if and when the opportunity arises. We also have a large team of experts dedicated to the removal and closure of fake scammer banks and sites.
Even if you are a newcomer, much fun can be had and at the same time you will be doing a public service. If you are new to this game and need to know what scambaiting is all about, please click on the 419 FAQ link at the top of the page. See also Baiting Tips for information on getting started on this great cyber-sport
We encourage everyone to contribute to this site and the good cause of scambaiting by joining in the fun on the FORUM where you can meet new friends and seek expert help, tips and advice on anti-scamming. User participation is absolutely encouraged. Please help us to raise awareness the world over!
Do not be fooled into thinking scammers operate from a specific part of the world. Advance fee fraud scammers are a world-wide menace, and they operate from every continent. These scammers range from small one-man-band criminals scamming a few thousand dollars a year, to highly organised groups raking in hundreds of thousands of dollars a month.”
I laugh at the last line:
“All of our customer data is in a totally different server. They don’t need to worry about that.”
So let’s taunt the people who, apparently easily, gained access to our server and screwed it up. THAT won’t come back and bite us…
No doubt, they’re all Neener Neener etc you missed this!!! Oh Sh!t they got us again on the other one this time!!!
“Then, Then said the email service was hacked”. (Not a quote from the article), but grammatically interesting last name when trying to write with it. Gotta love it !!!
Of course ASIS doesn’t run Windows. It’s running Linux, a version of UNIX. So not wannacry. These hackers could care less about your personal data. They want ransom in bitcoin, an internet currency that is very hard to track back to them. I just heard tell of a large hosting company with 153 servers who were infected and had to pay a million dollars to get their servers back. https://news.fastcompany.com/south-korean-web-host-pays-1-million-to-ransomware-attackers-4041212. Ransomware costs the world about 1 billion a year. 🙁
How do you know they’re not running windows.
ASIS is my home page, and when I booted up 2 days ago, all I saw was the list of every one of their customers’ e-mails, with live links. No, I didn’t click on them, but if anyone did, they might have exposed themselves to a virus. Once ASIS shut down access, the data was supposedly protected. Kinda like locking the barn door after the horses have escaped. smh
Maybe they will accept PotCoin in ransom payment instead.
Seems like someone got mad about the bill, or something. I call ASIS the “expensive internet company”. At least it’s better than Wave…
I’ll bet it’s better than Exede or any other satellite ISP!!! But sadly where I live (in Swain’s Flat on Hwy 36 I have my choice od satellite or Dial up basically, take it or leave it!!! I cannot have access to the Fiber Optic line literally right across the road from me because AT&T sez it’s for “Redundant backup for the original one coming up Hwy 101!!! Not to mention with the prices my ISP wants all I can afford is the10 gig cap plan, which takes NO TIME at all to burn up watching a few videos in HD!!!
http://www.101netlink.com/
Never a prob
Not for streaming you will be over the limit with one titanic video in one month that’s it . Nothing more
I find it very interesting that the net-nappers would choose an rural area with a low-density population. They must think there’s a lot of money up here… Or maybe they just checked for an abundance of mega-pickups, white and shiny of course.
They most likely sent the ransom out to thousands if not millions of computers and we were unfortunate enough to get infected.
It’s highly unlikey all personal information about users is housed on a separate “safe” server that wasn’t accessed during a hack that took down an entire system. But most people don’t understand what system hacks mean or entail, or what a system being hacked really means. There are a lot of different reasons for hacking a system. Some of them having nothing to do with accessing data account information.
After days of being down, we called for the third time to find out what was going on. Sally told us was that the system was down in ‘our area’ and that they would put us on the ‘service list’ and that we should be up in a couple of hours. That was yesterday 6/23 at 2:30pm. Today, we called and just got the voicemail again.
Did a little more searching on the internet and found this post. Super disappointed because they never mentioned being hacked and that everybody was down. We expect more from our service providers. How about a little honesty for your customers? And some updates?
well it opened up a little yesterday and a couple emails slipped in,
but there is still a group of old ones hoping to slide in…
where can we get official word of what is going on…
Kym?