(C) Daily Kos
This story was originally published by Daily Kos and is unaltered.



Ransomware - Six Days Later, Dish Systems Are Still Down [1]


Date: 2023-03-01

Do you know where your backups are?

This is a quick update from the diary I posted a few days ago.

Dish confirmed their situation with an 8-K filing yesterday. Internal systems that process payments, support their call center, activate systems, and handle other critical activities remain down. Their stock price has taken a hit, as you might expect, hitting a new 52-week low today.

This is a double extortion attack. That means the perpetrators exfiltrated confidential data prior to encrypting the corporation’s systems, and are threatening to release this data, in addition to not providing the decryption key, if the ransom is not paid. It appears that their backups were encrypted as well, so whatever measures they took to protect their backups wound up being ineffective. Only a true air gap is a reliable defense in these situations.

Black Basta is the group/software involved here. They have ties to FIN7, a Russian-speaking operation affiliated with multiple ransomware gangs. These are not kid hackers operating from their parents’ basements. They are serious professionals with sophisticated tools and techniques, and they are in this for the money. And they are considered reliable: if you pay the ransom, they will solve your problem, because nobody will pay a ransom again if they don’t deliver. An untraceable crypto payment is the expectation.

Unfortunately, we’re going to see more of this. The capabilities needed to carry out an attack are readily available. Financially motivated bad actors and unfriendly nation states are big threats. A multi-layered defense that includes multiple backup sources, isolated from the rest of the network, is the only real answer. The security specialists who understand this stuff are worth their weight in gold.

[END]
---
[1] Url: https://www.dailykos.com/stories/2023/3/1/2155637/-Ransomware-Six-Days-Later-Dish-Systems-Are-Still-Down

Published and (C) by Daily Kos
Content appears here under this condition or license: Site content may be used for any purpose without permission unless otherwise specified.
