You might not have thought much about Garmin since smartphones took over from standalone GPS units, but the company still has a large and passionate base of fitness-tracking users. Those passionate users are understandably agitated as the company’s services have been down for the last day, thanks to a malware attack that may include a so-called ransomware element.
If you head to Garmin.com, at least at the time of this writing, you’ll see a message that mentions an “outage,” but that’s underselling it a bit. According to multiple reports, Garmin’s network has been the target of a cyberattack with ransomware elements. In the aftermath, Garmin’s website, the online Garmin Connect service, and the company’s call centers have been left unavailable. The outage began yesterday, and a leaked memo suggests the unexpected “maintenance” could last until tomorrow.
The shutdown prevents owners of Garmin’s fitness products, such as the popular Fenix smartwatches, from syncing their activities and checking stats. That’s sure to upset people, but the outage also extends to the company’s aviation databases and some production capacity in Asia.
Ransomware attacks have occurred with increasing regularity in the last several years. These schemes leverage the encryption technologies that underlie file security and communication for nefarious purposes. After gaining access to a computer system through a vulnerability or social engineering, the attacker uses ransomware to encrypt important files. Then, they demand payment (usually in Bitcoin) to provide the decryption key. Some ransomware campaigns do actually live up to their end of the bargain if paid, but others are just a scam to milk victims for as much money as possible.
This outage also affects our call centers, and we are currently unable to receive any calls, emails or online chats. We are working to resolve this issue as quickly as possible and apologize for this inconvenience. (2/2)
— Garmin (@Garmin) July 23, 2020
While individuals are sometimes hit for a few hundred dollars in ransom, businesses can be asked to pay much more to regain access to their data. Some internet ne’er-do-wells also threaten to leak confidential information if their demands are not met. Garmin holds vast amounts of sensitive health data that customers would certainly not want exposed. If there is any good news here, it’s that the ransomware strain cited in reports, known as WastedLocker, does not have data theft functionality. Imagine that, ransomware with principles.
Currently, Garmin has not confirmed any of this via official channels — the longer it waits, the worse things look. In the meantime, dedicated Garmin fans are becoming increasingly frustrated that their expensive tracking hardware doesn’t work.
Now read:
- Ransomware Scammers Get Scammed Themselves By Tor Proxy Hack
- Ransomware Groups Now Threatening to Release Stolen Data If Businesses Don’t Pay
- US Detains, Indicts UK Hacker Who Stopped WannaCry
from ExtremeTechExtremeTech https://www.extremetech.com/internet/313167-garmin-online-services-reportedly-hit-with-ransomware-attack
No comments:
Post a Comment