Toni Dimaano Tech 02.28.2023 21:Feb PM EST

Dish Network Confirms Ransomware Attack Affecting Internal Systems Outage

Dish Network's multi-day network and service disruption that began on Friday has finally been linked to a ransomware attack.

According to Bleeping Computer, this massive outage affected Boost Mobile, Dish.com, the Dish Anywhere app, and other Dish Network-owned and -operated websites and networks.

Dish Warns Of Potential Dangers Following The Breach

During the operator's earnings call on February 23, Dish executives disclosed that the firm had encountered a network disruption.

Dish Network initially attributed the network and service interruption to VPN problems, but memo to the company's employees stated otherwise.

Dish discovered that the outage was brought on by a cybersecurity incident following an assessment by outside consultants and cyber-security specialists.

As stated in a Tuesday SEC filing, the company claimed that it immediately informed the appropriate law enforcement agencies of the incident.

The business continued by saying that the information filed related to its expectations for its capacity to contain, evaluate, and address the ransomware assault.

Additionally, it included information about how the ransomware assault affected the corporation's staff, clients, operations, and financial outcomes.

Moreover, the business stated in the SEC filing that Sling TV, Dish satellite TV, and its wireless and data networks are still in operation.

Dish Network also revealed that the hackers stole data from its compromised networks potentially containing personal information, but failed to clarify if it belonged to its employees, customers, or both.

However, Variety notes, there have been issues with Dish's internal communications, customer call centers, and internet sites.

Despite this, according to the filing, Dish is actively working to restore the impacted systems and is making good progress.

In the meantime, Dish boldly advertises at the top of the webpage that "We are experiencing a system issue that our teams are working hard to repair."

Reports Say That The Attack Targeted VMware ESXi Servers

Dish Network did not identify the ransomware gang responsible for the incident, but according to information cited by Bleeping Computer, the attack was carried out by the Black Basta ransomware operation.

It can be remembered that prior to the DIsh Network cyberattack, Black Basta has also compromised Boost Mobile.

Additionally, many sources told BleepingComputer that the incident happened in the early morning of February 23.

It was found that the attackers were accessing the company's Windows domain controllers and then encrypting VMware ESXi servers and backups.

However, there has been no confirmation of this information, and no ransomware group has taken ownership of the attack.

Several emails asking for more information about the outage and the ransomware attack that caused it have not received a response from Dish Network.

"The security of our customers' data is important to us, and if we learn that information was compromised, we'll take appropriate steps and let any impacted customers know," Dish reassures customers and employees.

Sadly, Dish Network staff also claim that they have been kept in the dark about what is going on and that the corporation has not given them much information.