Garmin Ransomware attack?

cantunamunch · Jul 25, 2020

No threads on this?

RobSN · Jul 25, 2020

Did you hear about the hacker?
He ran somewhere.

Actually, seriously, a bloody nuisance. Fortunately, memory being so cheap, I'd guess that my Forerunner watch and my Edge will retain a load of workouts and we can but hope that Garmin will have reloaded and rebuilt from backup before the memory runs out.

scott43 · Jul 25, 2020

I can't find my Garmin... :huh:

crgildart · Jul 25, 2020

Somebody is sooo f'ing fired! Don't click that link!

SBrown · Jul 25, 2020

scott43 said:
I can't find my Garmin...

I had that problem ... some sort of irony, to be sure. (Mine is an inReach thing)

crgildart · Jul 25, 2020

It's all fun and games until they use the Garmin access to hack the National GPS satellites.

Jwrags · Jul 25, 2020

As soon as they are up and running they will crash from the millions of devices trying to upload data at the same time.

Fuller · Jul 25, 2020

You can still upload files to Strava or Training Peaks manually.

scott43 · Jul 25, 2020

SBrown said:
I had that problem ... some sort of irony, to be sure. (Mine is an inReach thing)

InReach... Not anymore apparently!! :ogbiggrin:

Unpiste · Jul 25, 2020

What I wonder is, if an attacker got far enough into Garmin's system to shut them down for this long, what else did they do? I'd expect they had access to just about any user data they'd want.

Jilly · Jul 26, 2020

Glad I switched to Samsung....

scott43 · Jul 26, 2020

Unpiste said:
What I wonder is, if an attacker got far enough into Garmin's system to shut them down for this long, what else did they do? I'd expect they had access to just about any user data they'd want.

Well...it depends..ransomware is fairly trivial to execute..getting access to password-protected and likely encrypted data is somewhat harder. Besides, if all they want is $$ they don't need to bother doing the extra work..

I can tell you, it's frightening the number of actors, state-sponsored and otherwise, who try to hack into large corporate and governmental institutions. IT departments may seem dictatorial but there's sometimes a reason why... There's a whole lot of people with nothing better to do in the world..

cantunamunch · Jul 26, 2020

SBrown said:
I had that problem ... some sort of irony, to be sure. (Mine is an inReach thing)

I spent half a day on Friday looking for my Polar. I did find it but then other things happened.

Sometimes you just have to take a kayak week. Hmm. That might just turn into a month.

Unpiste · Jul 26, 2020

scott43 said:
Well...it depends..ransomware is fairly trivial to execute..getting access to password-protected and likely encrypted data is somewhat harder. Besides, if all they want is $$ they don't need to bother doing the extra work..

I can tell you, it's frightening the number of actors, state-sponsored and otherwise, who try to hack into large corporate and governmental institutions. IT departments may seem dictatorial but there's sometimes a reason why... There's a whole lot of people with nothing better to do in the world..

If the attackers didn't gain access to machines hosting user data, etc., how do you figure they managed to take Garmin down for multiple days, and why would Garmin pay them anything? One way or another, they've obviously managed to impact customer-facing services, and you're not going to be able to do that just by getting your ransomeware onto some unsuspecting employee's workstation.

It also seems like a pretty long shot that Garmin would actually pay. It's not as if Garmin could trust a single piece of data on a machine infected with ransomware anyway, and that's assuming they're even willing to negotiate. I'd certainly want to exfiltrate any and all data I could if I were the attacker here.

FWIW, some IT departments do seem to manage while being pretty hands off when it comes to employee workstations. I don't doubt that's much harder to do without compromising your network's security, though.

Ken_R · Jul 26, 2020

Will Garmin Pay $10 Million Ransom To End Two-Day Outage?

Garmin is reportedly being asked to pay a $10 million ransom to free its systems from a cyberattack that has taken down many of its services for two days.

www.forbes.com

cantunamunch · Jul 26, 2020

@Unpiste is spot on - and I received notice from Microsoft this morning that someone was changing my security info - on the Skype username associated with email address I used for Garmin.

scott43 · Jul 26, 2020

Ouch. That's not good news. Sorry fellas.

Unpiste · Jul 26, 2020

cantunamunch said:
@Unpiste is spot on - and I received notice from Microsoft this morning that someone was changing my security info - on the Skype username associated with email address I used for Garmin.

Huh. Glad my Garmin credentials won't get anyone access to any of my other accounts.

I'm assuming only your email address was required to trigger that alert? Otherwise that's really concerning if connected in any way to what's going on with Garmin. Even if you were sharing passwords, unless the password is easy to guess, that's the one thing that should literally be impossible for an attacker to get.

Pequenita · Jul 26, 2020

I've been trying to figure out the security impacts to end users. :huh:

I should probably change my passwords for fun... I think my Garmin credentials can get people access to various newspapers, the Atlantic, a couple of libraries, and meal kit subscriptions? Lol

cantunamunch · Jul 26, 2020

Yup, just the email address. All the passwords are different. I'm taking small comfort in that.

Garmin Ransomware attack?

Meh

Out on the slopes

So much better than a pro

Gravity Slave

So much better than a pro

Gravity Slave

Aka pwdrhnd

Semi Local

So much better than a pro

Booting down

Lead Cougar

So much better than a pro

Meh

Booting down

Living the Dream

Meh

So much better than a pro

Booting down

Making fresh tracks

Meh

Sponsor