Garmin hit with massive ransomware attack

Boyd · Jul 23, 2020

I noticed problems early this morning when I wanted to check something on their site, but just now learned about this.

"Smartwatch and wearables maker Garmin has shut down several of its services on July 23 to deal with a ransomware attack that has encrypted its internal network and some production systems. The company is currently planning a multi-day maintenance window to deal with the attack's aftermath, which includes shutting down its official website, the Garmin Connect user data-syncing service, Garmin's aviation database services, and even some production lines in Asia.

In messages shared on its website and Twitter, Garmin said the same outage also impacted its call centers, leaving the company in the situation of being unable to answer calls, emails, and online chats sent by users."

Garmin services and production go down after ransomware attack

Smartwatch and wearable maker Garmin planning multi-day maintenance window to deal with ransomware incident.

www.zdnet.com

bobpbx · Jul 23, 2020

I don't understand why the World doesn't band together and fund a team to crucify those people who try to take away everything you have through ransom tactics. I'd love to be the one shutting the jail cell door.

RednekF350 · Jul 23, 2020

Wonderful. I was actually going to check out their site this weekend to check for nav chart updates for my 720 marine unit.
Oh well, I'll just have to operate in the good old Flat Earth mode.

Boyd · Jul 24, 2020

bobpbx said:
I don't understand why the World doesn't band together and fund a team to crucify those people

They really are scum. But ransomware is pretty far down on my list of things that the world should band together and stop.

And I don't think Garmin should get a pass here either, they should have had better safeguards in place. As of today, Garmin has not yet admitted that this was a ransomware event.

Garmin Outage Update

July, 23 2020

We are currently experiencing an outage that affects Garmin.com and Garmin Connect. This outage also affects our call centers, and we are currently unable to receive any calls, emails or online chats. We are working to resolve this issue as quickly as possible and apologize for this inconvenience.

https://newsroom.garmin.com/newsroom/press-release-details/2020/Garmin-Outage-Update/default.aspx

noboat · Jul 24, 2020

RednekF350 said:
Wonderful. I was actually going to check out their site this weekend to check for nav chart updates for my 720 marine unit.
Oh well, I'll just have to operate in the good old Flat Earth mode.

Don't fall off the edge

Boyd · Jul 25, 2020

"The ransom note tells the recipient to email one of two email addresses to “get a price for your data”. That price, Garmin’s sources have told BleepingComputer, is $10 million."

Will Garmin Pay $10 Million Ransom To End Two-Day Outage?

Garmin is reportedly being asked to pay a $10 million ransom to free its systems from a cyberattack that has taken down many of its services for two days.

www.forbes.com

bobpbx · Jul 25, 2020

I'd love it if it turns out they are actually using the time to, with outside help, determine how to send bogus data making it seem they actually paid the money, and trace it all the way to the groups bank account. But no, like most, they'll just roll over and either pay it, or go through the excruciating madness of recreating their systems.

Boyd · Jul 25, 2020

The problem is, I suspect that the cost of the damage could be well over $10 milliion. Garmin is an $18 billion company and having their systems down for so long is really making the people who depend on them mad. Garmin has been pushing people into "the cloud" for years now, their fitness devices all depend on it. So do their aviation devices. And their new GPS units too - remember, they have discontinued Basecamp and have already introduced a few new devices that are dependent on their web portal.

That's what is so maddening about these ransomware attacks, typically they set the ransom at a level where it is more financially wise to just pay. And it keeps happening because it works. I don't know much about bitcoin, but seems to me the whole point is that you can't trace where the money goes.

This could also do longer term damage to Garmin. If their systems are so vulnerable to attack, will people continue to trust them with their very personal data (everywhere you go, your schedule, medical data, etc)? And if you don't have one of these connected devices, do you ever use Garmin Express to update the maps and firmware on your GPS? Do you really know if Garmin is harvesting your personal data (tracks, waypoints) when your GPS is connected?

old jersey girl · Jul 25, 2020

noboat said:
Don't fall off the edge

There be dragons there

old jersey girl · Jul 25, 2020

Boyd said:
The problem is, I suspect that the cost of the damage could be well over $10 milliion. Garmin is an $18 billion company and having their systems down for so long is really making the people who depend on them mad. Garmin has been pushing people into "the cloud" for years now, their fitness devices all depend on it. So do their aviation devices. And their new GPS units too - remember, they have discontinued Basecamp and have already introduced a few new devices that are dependent on their web portal.

That's what is so maddening about these ransomware attacks, typically they set the ransom at a level where it is more financially wise to just pay. And it keeps happening because it works. I don't know much about bitcoin, but seems to me the whole point is that you can't trace where the money goes.

This could also do longer term damage to Garmin. If their systems are so vulnerable to attack, will people continue to trust them with their very personal data (everywhere you go, your schedule, medical data, etc)? And if you don't have one of these connected devices, do you ever use Garmin Express to update the maps and firmware on your GPS? Do you really know if Garmin is harvesting your personal data (tracks, waypoints) when your GPS is connected?

"harvesting data" ? Well, yes. NYTimes recently reported that software incorporated in drones made in China does that. Garmin systems used in drones?

Boyd · Jul 25, 2020

I don't quite see the connection between drones and Garmin. Was that a claim in the article? I don't think drones use Garmin, but they have a big presence in private and commercial aviation, and evidently that is affected since pilots cannot upload/download flight plans.

this_is_nascar · Jul 25, 2020

Here's what I get when I try to check my fitness device on my phone.

Boyd · Jul 25, 2020

Yes, that is the same message from their website, with no updates since Thursday. Disappointing that they aren't sharing more info about what happened and when it will be fixed.

Boyd · Jul 26, 2020

"Garmin's long-running outage is a case study in how not to handle an IT meltdown and cybersecurity attack and may indicate a longer recovery than expected."
= = = =
"Based on Garmin's crisis management since late last Wednesday, things aren't looking so hot. At first, Garmin met the issues with silence, then a short Tweet noting problems. On Saturday, the company followed up with a vague FAQ that didn't address the big questions"

Garmin's outage, ransomware attack response lacking as earnings loom

Garmin's response to a cyberattack has been less than stellar, but earnings loom and Wall Street will want answers just as much as customers do.

www.zdnet.com

Teegate · Jul 26, 2020

It would be interesting to know what is going on in that company right now.

Boyd · Jul 26, 2020

Total confusion and panic?

Boyd · Jul 26, 2020

"...the short version is that Garmin's issues just got worse. It's one thing when Garmin tells you your data is ok and stored on the watch. It's another when the watch doesn't collect data properly and fails to connect to the GPS signal. At that point you're wearing a pricey brick on your wrist."

Garmin Fenix smartwatches hit with GPS, run and activity saving glitch amid outage

Garmin's smartwatch woes continue as GPS and run tracking for distance wasn't available. This glitch, which also applies to indoor activity tracking, means the Fenix is caught in a "saving" loop that requires a reset.

www.zdnet.com

old jersey girl · Jul 26, 2020

That sound you hear is the not-all-digital-all-the-time forum members snickering.

Boyd · Jul 27, 2020

"Systems appear to be recovering following a major system outage that took Garmin down on July 23 and lasted throughout the weekend. The flyGarmin service came back online earlier today, and it appears that some users' runs and rides are now beginning to appear on Garmin Connect."

Garmin down: latest outage updates as recovery from cyberattack continues

Garmin has confirmed a large cyberattack to its online platforms

www.techradar.com

Boyd · Jul 28, 2020

Garmin issues statement on recent outage - Garmin Newsroom

Affected systems are being restored and normal operation is expected soon OLATHE, Kan.–(BUSINESS WIRE)– Garmin® Ltd. (NASDAQ: GRMN), today announced it was the victim of a cyber attack that encrypted some of our systems on July 23, 2020. As a result, many of our online services were interrupted...

newsroom.garmin.com

"OLATHE, Kan.--(BUSINESS WIRE)-- Garmin Ltd. (NASDAQ: GRMN), today announced it was the victim of a cyber attack that encrypted some of our systems on July 23, 2020. As a result, many of our online services were interrupted including website functions, customer support, customer facing applications, and company communications. We immediately began to assess the nature of the attack and started remediation. We have no indication that any customer data, including payment information from Garmin Pay™, was accessed, lost or stolen. Additionally, the functionality of Garmin products was not affected, other than the ability to access online services.

Affected systems are being restored and we expect to return to normal operation over the next few days. We do not expect any material impact to our operations or financial results because of this outage. As our affected systems are restored, we expect some delays as the backlog of information is being processed. We are grateful for our customers’ patience and understanding during this incident and look forward to continuing to provide the exceptional customer service and support that has been our hallmark and tradition."

Garmin’s four-day service meltdown was caused by ransomware

Provider of GPS services for navigation and wearable devices is returning to normal.

arstechnica.com

"Citing an unnamed number of security sources, Sky News reported that Garmin obtained the decryption key. The report lined up with what the person with direct knowledge told Ars. Sky News said Garmin "did not directly make a payment to the hackers," but didn't elaborate. Garmin representatives declined to provide confirmation that the malware was WastedLocker and if the company paid any sort of ransom."

Garmin hit with massive ransomware attack

Administrator

Piney

Piney

Administrator

Explorer

Administrator

Piney

Administrator

Explorer

Explorer

Administrator

Piney

Attachments

Administrator

Administrator

Administrator

Administrator

Administrator

Explorer

Administrator

Administrator