Is Internap trying to conceal the full effects of a ransomware attack?
Cloud and data giant Internap (INAP) has experienced a ransomware attack which caused a halt on its email, database and website services.
Despite very little information online, the attack took place between the hours of 2:11 am CDT and 5:41 am CDT on September 28, before being discovered by a support technician by 8:00 am, CDT.
But interestingly, the report of the ransomware attack was later removed from INAP’s operational transparency incident report page (opens in new tab).
Covert ransomware attack
Using internet archive tool Wayback Machine, the incident previously reported on INAP’s page stated the company’s incident report team were able to determine the root cause and attack vector used.
Despite the incident being resolved, INAP was not able to recover its customers’ services because of the attack and as a result, the firm will no longer provide multi-tenant website, database, web hosting (opens in new tab) and email hosting (opens in new tab) services, according to the report (opens in new tab).
This means that customers who did not have external backup software (opens in new tab) have lost their services.
“We will be terminating these multi-tenant hosting services and removing the charges from your account effective immediately. The multi-tenant “GuestDNS” service was not impacted, and you can continue to make any DNS (opens in new tab) changes through the control panel,” said INAP.
“Our recommended path forward is to re-create any affected services on a bare metal server and to upload your data from your local copies if available.”
Currently, the most recent incident reported on INAP’s operational transparency page is the replacement of a faulty top-of-rack switch in its Chicago data center, which affected its client’s systems in those cabinets, resulting in 30 minutes of public network connectivity loss.
TechRadar Pro has reached out to INAP for further information on the incident, but the company is yet to reply.