Dish Network pays ransom money to extortionists

American television company Dish network, victim of a cyber attack with extortion in February, most likely paid the attackers a ransom. This is evidenced by the wording in the letters sent to the company’s employees.

In Dish Network emails sent out informs that “has received confirmation that the retrieved data has been deleted.” Such confirmation is usually given only after payment of the ransom, which means that Dish Network could hardly have received it without paying.

However, paying the ransom does not guarantee the complete removal of the stolen data. There have been cases in the past where victims who paid a ransom were subjected to further blackmail, selling their details to other attackers or publishing information on leak sites.

Reportedly, customer data was not affected by the incident that occurred in February. However, Dish Network found that confidential records and sensitive information from current and former employees (as well as their families) were still compromised.

Dish Network also reported Maine Attorney General that 296,851 people were affected by the security breach. Among the information leaked were names and other personal identifiers combined with driver’s license or ID numbers.

The very fact of compromising the Dish Network confirmed on Form 8-K filed with the U.S. Securities and Exchange Commission (SEC) on February 28, but then did not disclose whether they belonged to her employees or clients.

Although the company itself did not name the specific group responsible for the cyber incident, reliable sources close to the Dish Network claim that it was the work of the Black Basta group.

The hackers reportedly first infiltrated Boost Mobile, a subsidiary of Dish Network, and only then into Dish’s corporate network. The attack took place early in the morning on 23 February. The attackers gained access to Dish Network’s Windows domain controllers and encrypted its servers VMware ESXi, including backups. This caused a massive outage that affected the performance of the company’s websites and applications.

Since the incident, Dish Network has been the subject of several class-action lawsuits in various states. They state that the company has poor cyber security and weak IT infrastructure. However, leaks and hacks are now happening everywhere, and it is hardly fair to blame the company for poor security, when cybercriminals come up with more and more sophisticated ways to extract confidential data every day. From such cyber incidents, few people are truly insured now.