Garmin hit with massive ransomware attack

Boyd

Administrator
Staff member
Site Administrator
Jul 31, 2004
9,723
2,920
Ben's Branch, Stephen Creek
Do you mean the paragraph from the Ars Technica article? If you read the rest of it, the US Treasury has sanctioned "Evil Corp" (really!) that is suspected of creating the ransomware that was used. So, if they actually paid the ransom, that would violate this sanction and pose a legal problem for Garmin. This might explain why Garmin is not providing any details.
 

Boyd

Here's some more news on the ransom that Garmin allegedly paid...

https://news.sky.com/story/garmin-p...criminals-using-arete-ir-say-sources-12041468

"Smartwatch maker Garmin paid a multi-million dollar ransom to criminals who encrypted its computer files through a ransomware negotiation business called Arete IR, sources have told Sky News.

...Garmin had initially sought to pay the ransom using another firm which specialises in responding to these incidents. However, this firm responded that it didn't negotiate ransom payments in WastedLocker cases due to the risk of running foul of the sanctions.

The sources said after being initially rebuked, Garmin then sought the services of Arete IR, a firm which claims that the links between the WastedLocker ransomware and sanctioned individuals have not been proven."
 

Boyd

Here's a start, but the US apparently does not participate...

"Law enforcement and IT Security companies have joined forces to disrupt cybercriminal businesses with ransomware connections. The “No More Ransom” website is an initiative by the National High Tech Crime Unit of the Netherlands’ police, Europol’s European Cybercrime Centre, Kaspersky and McAfee with the goal to help victims of ransomware retrieve their encrypted data without having to pay the criminals."

 

Boyd

You want the US government to put members of a Russian company in jail? That doesn't usually happen. Don't let Garmin off the hook so easy; if their systems and procedures were more secure, this never would have happened or they would have been able to restore everything without paying the ransom.

And this great American company is dodging US taxes by locating their headquarters in Switzerland (something that you have to dig deeply on their website to discover). Before moving to Switzerland a few years ago, their headquarters were in the Cayman Islands (their US operations are based in Olathe, KS).

Look, I like Garmin and have probably spent more than anyone else around here on their products. But call it what it is.... they screwed up, then did something sketchy to pay the ransom and avoid US sanctions. Sure, the criminals responsible for the hack are scum and I would like to see them in jail too. But that isn't going to happen.

And let this be a lesson for all of us. What would happen if your computer was hacked and encrypted? Do you have a robust backup procedure that would let you restore everything? That may not be as simple as you think.
 

Boyd

Sure, that's a nice concept. But in this case, the US had previously sanctioned the "company" believed to be responsible and their leader has been wanted by the FBI along with a co-conspirator since 2019. Russia's ambassador to the US has said that the charges are "groundless". Let us know when the Russians arrest them. :D That was my point, the Russians aren't going to do anything about this and I don't know what else we could do beyond sanctions (which Garmin allegedly ignored).

 