DISH Hacked - Websites are BACK ONLINE!

Have they fired their network security guy as of yet? This is just pitiful. I spent 8 years in a network NOC, and something like this is WORLD-WIDE call-out, and all hands on deck!
They must of, they have new people on the job now-
C8B6251E-DCC0-485B-83FC-DCC38D2EB5CE.jpeg
 
Have they fired their network security person as of yet? This is just pitiful. I spent 8 years in a network NOC, and something like this is WORLD-WIDE call-out, and all hands on deck!

In fact, back in 2012 I was on shift when around 2:15am, our entire network starting dropping from Japan, and heading West on a slow roll. In fact, we had JUST also converted all the phone to IP phones, so even those went down. I ended up getting major PTSD out of that, and had to start all the callouts using a cellphone to coordinate it all. Took about 9 hours to get everything back up and running. Everything had to be restarted, including the SAP systems.

You know what caused it? Charter/Spectum replaced some sort of card in their network, and it caused total fail-back across our ENTIRE worldwide network.

They figured it cost us about $1 million per hour for every hour of outage.

A year later something almost as bad happened, when one of our backup centers in Dallas went down due to somebody crashing a vehicle, and wiping out a fiber node.
Agreed on pitiful. This is 5 days!
 
  • Like
Reactions: charlesrshell
Agreed on pitiful. This is 5 days!
In what way? It takes just one person to screw the system up. One click, one download. The person doesn't have to be stupid, maybe overworked, or they were expecting something from the hacked email. One person, one PC, one device. That is all it takes today to send a system into a lockdown. Which is why desktops at work are going away and Cloud based systems are the future (becoming the present).

Once Ransomware is in the system, the whole thing has to be wiped away. That takes time. How many minutes times how many computers.
 
In talking with other IT folks, the concensious is they probably could have had back online quickly but they didnt do this as they wanted to figure out what caused it and how to prevent it going forward. If they do a restore of thing they would never know what happened so chances are it could happen again and again.
As someone who works in IT I think having this happen at my company where I oversee everything having this happen would be one of my biggest fears. I had to go through a lot of training and do a lot of changes here for us to get Cyber Insurance through Chubbs. It was a pain butt but know that I have done it and use it, its not so bad anymore. The biggest issue I have no is what Yubi Key I use for what function. :D
 
In what way? It takes just one person to screw the system up. One click, one download. The person doesn't have to be stupid, maybe overworked, or they were expecting something from the hacked email. One person, one PC, one device. That is all it takes today to send a system into a lockdown. Which is why desktops at work are going away and Cloud based systems are the future (becoming the present).

Once Ransomware is in the system, the whole thing has to be wiped away. That takes time. How many minutes times how many computers.
Well, not that this is factual, but the rumor I’ve heard is they refused to pay and they’re working on rebuilding a system outside of the current system that they can just move everything over and that’s what’s taking so much time. Looking at the record when it comes to paying providers, that doesn’t surprise me if it’s true.

The scenario described above, did it take five days or more?
 
  • Like
Reactions: charlesrshell
Well, not that this is factual, but the rumor I’ve heard is they refused to pay and they’re working on rebuilding a system outside of the current system that they can just move everything over and that’s what’s taking so much time. Looking at the record when it comes to paying providers, that doesn’t surprise me if it’s true.

The scenario described above, did it take five days or more?
For a smaller organization, yeah, about 5 days. And the way the business was done server wise was changed forever. Ransomware is an absolute disaster because you don't know how far back the backups are infected. Reminds of the days of the I Love You virus, which just found your jpgs and messed those up (who opens an attached from a client that says "I love you"?!). And that was well before digital photography had become so big. Also remember the Bleah virus from way back. I forget what they did (except maybe just spread), but I just remember there was a file that had an anomalous size that indicated the PC had it. That bad boy got around! But those were hassles with relatively easy fixes with file replacement (Bleah) or backups (JPG), ransomware is a complete nuking. You can't go back, or at least, you can't go back for long.

Generally one doesn't want to pay ransomware as it always carries a number of risks, but some are desperate. For Dish, it is harder because of the financial part of it and potential disclosure of lots of transactions with customers. They can't risk that remaining exposed.

I just find it exasperating how people are expecting Dish to manage this catastrophe in a couple days, when the task is a lot more involved than most people have ever experienced. The FBI is likely involved, insurance companies, new cloud based servers that they were likely thinking about moving to and got a shove off a cliff to make the transition.
 
In what way? It takes just one person to screw the system up. One click, one download. The person doesn't have to be stupid, maybe overworked, or they were expecting something from the hacked email. One person, one PC, one device. That is all it takes today to send a system into a lockdown. Which is why desktops at work are going away and Cloud based systems are the future (becoming the present).

Once Ransomware is in the system, the whole thing has to be wiped away. That takes time. How many minutes times how many computers.
I'll agree with that.

Our WORST inside people that did stupid stuff like this, was Loss Prevention guys checking out porn sites at night... Until everything was locked down, and that couldn't happen anymore. I can't remember us ever getting hit with Ransomware though, thank goodness, but there was email based replicator virii going around early in the days now and again.
 
Top