how did they know that they are paying the right group who attacked them and how did they know that the BTC address is for the attackers
I would imagine attackers either announce the attack beforehand, or just stops the attack in the specific time just to prove it's them.
I think their biggest mistake was to pay the ransom to someone who was abusing your servers by DDoSing them. I'm sure there would be cyber crime agencies that could have helped them track them down. Also, a lot of ddos protection services available online who could have helped them mitigate the attack.
Again, $6k is reasonable price even for small company.
Imagine you run internet-based business and got ddosed. You have to choose risking losing lots of current and potential clients as well as trust in your business (potentially you could even face a lawsuit, if it caused loss to any of your clients). Or you could just pay $6k and buy yourself enough time to come up with proper protection, so this won't happen again. What do you do?
Daily reminder, even FBI acknowledged that paying ransom is often the best option:
http://www.coindesk.com/fbi-malware-victims-should-pay-bitcoin-ransoms/