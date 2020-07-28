Infosecurity Group Websites
Latest
News

Garmin Confirms Cyber-Attack as Ransomware Recovery Rumored

Garmin has finally admitted that its recent outage was caused by a cyber-attack.

In an update last week, the company initially said it was “experiencing an outage that affects flyGarmin and as a result, the flyGarmin website and mobile app are down at this time.” However, following rumors online that the company had actually suffered a ransomware attack, and that it had even paid a $10m ransom, the company has updated its statement to confirm that it suffered a “cyber-attack that encrypted some of our systems on July 23 2020.”

This resulted in many of its online services being interrupted, including website functions, customer support, customer facing applications and company communications. “We immediately began to assess the nature of the attack and started remediation.”

It said there was no indication that any customer data, including payment information from Garmin Pay, was accessed, lost or stolen and the functionality of Garmin products was not affected, and the only damage was to services which were taken offline. “Affected systems are being restored and we expect to return to normal operation over the next few days,” it added.

According to some reports, sources confirmed that the company had suffered a ransomware attack, and that it had been hit by WastedLocker, which SentinelOne explained was a “relatively new ransomware family which has been tracked in the wild since April/May 2020” and targets high-value companies.

Denis Legezo, senior security researcher at Kaspersky, said: “Technically speaking, WastedLocker is a targeted ransomware, which means its operators come for selected enterprises instead of every random host they can reach.

“The encryption algorithms in use are nothing special for ransomware: modern and strong. The ransomware’s operators add the victim company’s name in the ransom messages – the messages with information about how to contact the malefactors through secure e-mail services and the like. So it's pretty obvious they know for whom they came after.”

It was also reported by iThome that Garmin’s IT department sent a notice to various departments in Taiwan stating that internal IT servers and databases were attacked and production lines were also suspended for two days. Later it was rumored that the attackers had demanded a $10m ransom payment, and that Garmin had obtained the decryption key.

Related to This Story

What’s Hot on Infosecurity Magazine?

1
News

Blackbaud Breach Hits Nine More Universities

2
News

US Digital Bank Dave Admits Customer Data Breach

3
News

Garmin Outage Could Ground Aircraft

4
News

Sheffield Hallam University Confirms Blackbaud-Linked Data Breach

5
News

Phishing Scam Promises £400 Council Tax Cut

6
News

Vodafone Partners with Accenture to Offer Cybersecurity Services

1
News

Operators of VHD Ransomware Unveiled

2
News

Accountability Concerns Main Reason Security Pros Want to Quit

3
News

No More Ransom Initiative Reflects on Achievements on Fourth Anniversary

4
Interview

Interview: Dominique Shelton Leipzig, Perkins Coie LLP

5
News

Garmin Confirms Cyber-Attack as Ransomware Recovery Rumored

6
News

Identity Governance Business Critical as Orgs Return to Work, Say IT Experts

1
Webinar

Mitigating the Security Risks and Challenges of Office 365

2
Webinar

Key Technologies, Strategies and Tactics to Fight Phishing

3
Webinar

Identity Management for a Dynamic Workforce: Zero Trust Versus Risk-Based Security

4
Webinar

From Governance to Implementation to Results

5
Webinar

ISO 27701: The New Privacy Standard, and How You Can Get Certified and Compliant

6
Webinar

Using a Managed Security Service Provider in 2020: Everything You Need to Know

1
Interview

Women in Cybersecurity: Proofpoint's Sherrod DeGrippo Answers Your Questions

2
News Feature

Russian Attacks on #COVID19 Vaccine Developers: How, Why and What Happens Next?

3
Interview

Interview: Arti Lalwani, Practice Lead for ISO Services, A-LIGN

4
Blog

NIST Password Guidelines: What You Need to Know

5
Opinion

Using Threat Deception to Thwart Malicious Insiders

6
Blog

Data Security and Third-Party IT Asset Disposition: A Paradox