US telco Dish said it is investigating a multi-day network “issue” that knocked some of its systems offline, leaving customers stranded from the web.
In an email to The Register on Monday morning, a Dish spokesperson said the satellite TV company is working to restore all of its systems “as quickly as possible,” but declined to answer questions about whether the outage was due to a ransomware infection, as has been widely speculated on social media.
“We experienced a systems issue with our corporate network on February 23 that is affecting our internal servers and telephone systems, and the issue is being investigated,” the Dish spokesperson said.
“Our DISH TV, Sling TV, Wireless services, and data networks continue to operate and are up and running. However, some of our corporate communications systems, customer care functions, and websites were affected. Our teams are working hard to restore affected systems as quickly as possible and are making steady progress.”
The company’s main website has a message thanking customers for their patience, but hasn’t provided any additional information about what happened or when it expects to resolve the issue.
Now on day four, the outage began as Dish was announcing its fourth quarter and fiscal year 2022 earnings.
This @dish ransomware situation is crazy. Their systems have been down FOUR DAYS. I wonder if they thought they could get away with not paying…
— Benjamin Miller (@benmillerMKE) February 25, 2023
British infosec watcher Kevin Beaumont said based on what he’s seen, Dish experienced a “destructive attack.”
“Based on network boundary, domain name changes and various other artefacts, it appears they may have experienced a destructive attack,” he said on Mastodon. “Even their business services are MIA. They have a series of sites hosted directly by WordPress.com, and even those have been deleted.”
The Dish outage follows several high-profile cyberattacks over the past week. This includes Canadian communications giant Telus, which last week said it was investigating whether crooks have stolen employee data and its source code, all of which is being offered for sale on a criminal forum.
Also last week Irish agricultural megacorp Dole confirmed a ransomware infection shut down some of its North American production plants. ®