Friday, 24 July 2020

Garmin Online Services Reportedly Hit With Ransomware Attack

You might not have thought much about Garmin since smartphones took over from standalone GPS units, but the company still has a large and passionate base of fitness-tracking users. Those passionate users are understandably agitated as the company’s services have been down for the last day, thanks to a malware attack that may include a so-called ransomware element. 

If you head to Garmin.com, at least at the time of this writing, you’ll see a message that mentions an “outage,” but that’s underselling it a bit. According to multiple reports, Garmin’s network has been the target of a cyberattack with ransomware elements. In the aftermath, Garmin’s website, the online Garmin Connect service, and the company’s call centers have been left unavailable. The outage began yesterday, and a leaked memo suggests the unexpected “maintenance” could last until tomorrow. 

The shutdown prevents owners of Garmin’s fitness products, such as the popular Fenix smartwatches, from syncing their activities and checking stats. That’s sure to upset people, but the outage also extends to the company’s aviation databases and some production capacity in Asia. 

Ransomware attacks have occurred with increasing regularity in the last several years. These schemes leverage the encryption technologies that underlie file security and communication for nefarious purposes. After gaining access to a computer system through a vulnerability or social engineering, the attacker uses ransomware to encrypt important files. Then, they demand payment (usually in Bitcoin) to provide the decryption key. Some ransomware campaigns do actually live up to their end of the bargain if paid, but others are just a scam to milk victims for as much money as possible. 

While individuals are sometimes hit for a few hundred dollars in ransom, businesses can be asked to pay much more to regain access to their data. Some internet ne’er-do-wells also threaten to leak confidential information if their demands are not met. Garmin holds vast amounts of sensitive health data that customers would certainly not want exposed. If there is any good news here, it’s that the ransomware strain cited in reports, known as WastedLocker, does not have data theft functionality. Imagine that, ransomware with principles. 

Currently, Garmin has not confirmed any of this via official channels — the longer it waits, the worse things look. In the meantime, dedicated Garmin fans are becoming increasingly frustrated that their expensive tracking hardware doesn’t work.

Now read:



from ExtremeTechExtremeTech https://www.extremetech.com/internet/313167-garmin-online-services-reportedly-hit-with-ransomware-attack

No comments:

Post a Comment