ASUSTOR President Recommends Customers Pay Ransom

[JohnAsustor]

Whilst I agree the reply is quite poor, he does not actually "recommend" you to pay the fee....

Remember issues such as translation, do not always give the literal meaning either.

It all depends how you interoperate the statement IMO.

[whoson3rd]

Hi Derrik,

Do you have any back up of the NAS? If you have backup, we can help you restore. If you do not have backup, then as this Deadbolt is very ferocious, you will not be able to get your data back unless you pay for their decryption key.

The same Deadbolt attacked many other NAS brands earlier this year and before. We have upgraded ADM to 4.0 for security enhancement but this criminal still find users who do not either change their default port or leave services open.

Regards,

Shawn Shu

I can actually SEE the logic for Asustor's statement.
BUT, speaking for myself and probably a large percentage of ASUSTORS consumers, I ventured into the NAS world only a couple months ago. I did not know enough about the workings of a NAS to even be a speck in a gnats eye, but knew I wanted to avail myself to data back-up (RAID) and enjoy the niceties of Plex to stream my accumulated movie videos. I ventured into this very complex learning curve (for a neophyte with little-to-no internet security knowledge) scraping through the internet for tidbits of knowledge while working alone (Asustors support 'sucks' by the way) to get my data backed up and the Plex to stream my videos onto my smart TV. I chose Asustor because the HDMI caught my eye. The venture took a good two months and was finished only a couple of days before the Deadbolt locked it all down.

What I'm leading into is that I was unaware of the Ransomware attacks that had apparently been attacking the "other NAS brands" as I was too focused in pursuing my primary objective (which I just did complete).

IN MY OPINION ASUSTOR DROPPED THE BALL IN NOT BEING MORE PROACTIVE TO DRILL INTO THE HEAD OF THEIR UNKNOWING (NEW CUSTOMERS) OF THIS LOOMING THREAT. I can assure you that had I been made aware of it and had studied and absorbed 'NAS 353 Mitigating Ransomware Risks' that I would have NOT been a victim. I know the old adage, "Buyer Beware" but a really conscientious company SHOULD take the extra step to create good will to their customers by actually helping them. Shame on ME for not knowing and Shame on Asustor for not warning us when they KNEW there was a problem lurking out there!

Anyone, including Shawn Shu: "If you think I'm paying a penny to mitigate this, you can bite my butt". The shields are going up, NAS is being wiped, reinitialized,repopulated and OFFLINE..
And; probably this is the last ASUS or ASUSTOR product I purchase.

[Mgoblue]

Asustor should pay the ransom for the Master key. Not standing behind their customers will cost them far more than the ransom.

[Saltrams]

Asustor should pay the ransom for the Master key. Not standing behind their customers will cost them far more than the ransom.

Let’s start a petition!

[giostark]

Asustor should pay the ransom for the Master key. Not standing behind their customers will cost them far more than the ransom.

Agree. We choose the brand , we paid for it , it must take responsibility.
Then , to use google docs for collect all our data is an other absurdity.
This phrase is other than political?!

In response to increasing numbers of ransomware attacks, ASUSTOR has committed to an internal review of company policies to regain customer trust. This includes, but is not limited to increased monitoring of potential security risks and strengthening software and network defenses. ASUSTOR takes security very seriously and apologizes for any inconvenience caused.

A damn well unwanted surprise.