ISP attacked after finding child porn
The manager of a small Internet access provider says vandals shut down the service after she reported a child porn site.
Marrya VandeVen, general manager of ISP Stockton Community Wide Web in California, said she came across the pornographic site while surfing March 11. The site, which she had traced to New Mexico, was not hosted by her ISP.
"As a mommy, I got really upset," VandeVen said today in an interview with CNET's NEWS.COM. "I've been working with other parents and groups on ways to keep our children safe. When I came across this site, I was really upset--not as the general manager of an ISP, but as a parent. How could someone convince a child to do that? This wasn't a young-looking 20-year-old. This was a prepubescent child pornography site."
A spokesperson for Internet Ventures, the company that operates the Stockton Community Wide Web, confirmed that the ISP's system was brought down but declined to give further details. The incident offers a rare glimpse into the netherworld of child pornography on the Internet, an issue that continues to be the source of legal wrangling.
VandeVen said she went on to report the information to the Customs Service and the FBI via email Thursday, March 12.
On Sunday, March 15, "I got a call at home from an employee at about 7 p.m., telling me the server was locked up. That happens every once in a while," she said.
When the employee rebooted the system, however, "nothing came back up," VandeVen said. "It deleted everything mounted on the system. [The hackers] were good--they got the backup to launch, and it wiped itself clean."
She explained that the hack was perpetrated using a Unix command to remove the root files, the core operating system files. "We had to rewrite everything from scratch," she said, noting that some information was saved on an old, "retired" hard drive, which the ISP used in the interim. "We had to re-create an ISP from a blank computer."
By 3 a.m. Monday customers could connect to the Internet and surf, VandeVen said, but they could neither retrieve the ISP's home page or their own pages nor check or send email. She said most customers were unable to retrieve email until Tuesday; others were held up until Thursday.
"Customers were really ticked off at first because they couldn't get their mail," she said. "But once we explained what happened, they were really great about it."
Since the ISP has been repaired, VandeVen said she is still feeling the effects. "I've gotten threatening emails from as far away as Australia," she said. "They feel I've encroached on one of their own. But if I have to be hated by any group, this one I don't mind so much."