Dish confirms ransomware attack is behind system outage

Cybernews confirms ransomware is the cause of DISH network’s ongoing internal system outage.

US satellite broadcast provider DISH Network became aware of the attack Thursday morning after being hit with a company-wide outage on its internal network systems.

“On February 23, we experienced a cybersecurity incident that has affected some of our internal communications, customer call centers, and internet sites,” DISH told Cybernews.

DISH provides services for 19 million customers under its subsidiaries, including DISH TV network, Sling TV, and wireless carrier Boost Mobile – all affected by the outage.

DISH ransomware2
Message on the company's website. Image by Cybernews.

The system outage was first picked up by various news outlets and on social media, but it wasn’t until five days later that DISH publicly announced the outage was due to a cyberattack.

“On February 27, we became aware that certain data was extracted from our IT systems as part of this incident. It’s possible the investigation will reveal that the extracted data includes personal information,” DISH stated.

DISH filed a formal report with the Securities and Exchange (SEC) commission, as required by law, Tuesday.

Coincidentally, the initial attack corresponded with the company's quarterly earnings report to shareholders, who were apprised of the outage by CEO Erik Carlson during the phone call, the filing showed.

In the SEC report, DISH stated it had "retained the services of cybersecurity experts and outside advisors to assist and evaluate the situation" as per the company’s incident response and business continuity protocols.

“The forensic investigation and assessment of the impact of this incident is ongoing. The security of our customers’ data is important to us, and if we learn that information was compromised, we’ll take the appropriate steps and let any impacted customers know,” DISH stated.

DISH has been struggling to contain the attack and said internal communications, customer call centers, and internet sites are still affected.

“Many of our customers are having trouble reaching our service desks, accessing their accounts, and making payments. We’re making progress on the customer service front every day, including ramping up our call capacity, but it will take a little time before things are fully restored,” DISH stated.

As of Tuesday, the company said DISH TV, Sling TV, wireless services, and data networks were operating.

It is not clear if the unidentified threat actors have asked for a ransom.