Garmin Hit By Ransomware
Garmin admitted that its recent outage was caused by a cyber-attack. Following rumors online that the company had suffered a ransomware attack, and that it had paid a $10m ransom, the company has updated its statement to confirm that it suffered a cyber-attack that encrypted some of our systems on July 23 2020. This resulted in many of its online services being interrupted, including website functions, customer support, customer facing applications and company communications.
Garmin stated that there were no indication that any customer data, including payment information from Garmin Pay, was accessed, lost or stolen and the functionality of Garmin products was not affected. The only damage was to services which were taken offline. Affected systems are being restored and we expect to return to normal operation over the next few days.
According to some reports, Garmin had been hit by WastedLocker, which is a relatively new ransomware family which has been tracked in the wild since April/May 2020. WastedLocker is a targeted ransomware, which means its operators come for selected enterprises instead of every random host they can reach.
The ransomware's operators add the victim company's name in the ransom messages with information about how to contact the hackersthrough secure e-mail services. Garmin’s IT department sent a notice to various departments in Taiwan stating that internal IT servers and databases were attacked and production lines were also suspended for two days. Later it was rumored that the hackers had demanded a $10m ransom payment, and that Garmin had obtained the decryption key.