Forbes reported on Thursday that the GPS giant Garmin was facing a $10 million ransom to free its systems from a cyber attack that caused many of its systems and production lines to close.
For four days, aviation and marine navigation systems weren’t able to operate, and active-life customers couldn’t log into apps to record their fitness sessions.
According to the Forbes report, many of Garmin’s files had been encrypted by WastedLocker malware. Each affected file had a ransom note attached that instructed the recipient to send an email request to “get a price for your data”.
Advanced data protection has become vital for companies of all sizes, not only to protect their systems but to safeguard their business critical data. Automated backup, disaster recovery and ransomware protection has become an integral part of a company’s risk avoidance strategy.
The WastedLocker ransomware resulted in Garmin’s IT department shutting down all the company’s computers, including those of remote-working employees, in the hope of stopping the malware from spreading further across its network.
On Thursday the multinational firm announced its call centres were down and it was “currently unable to receive any calls, emails or online chats.”
We are currently experiencing an outage that affects Garmin Connect, and as a result, the Garmin Connect website and mobile app are down at this time. (1/2)
— Garmin (@Garmin) July 23, 2020
On Monday morning Garmin had released more info:
We want to extend our sincerest apology for the inconvenience the outage has caused for our customers. We hope this FAQ answers some of the questions you have: https://t.co/e3lgtpZ1Ci
— Garmin (@Garmin) July 25, 2020
By Tuesday morning Garmin had announced that its systems were recovering as it had obtained a decryption key to recover its affected files.
We are happy to report that many of the systems and services affected by the recent outage, including Garmin Connect, are returning to operation. Some features still have temporary limitations while all of the data is being processed.
— Garmin (@Garmin) July 27, 2020
As a knock-on effect, companies that integrate its systems with Garmin, such as navigational platforms and the activity tracking platform Garmin Connect, have been affected too. Vitality customers, for example, have been assured by Discovery that their workouts will be synced with Garmin Connect once Garmin’s systems are recovered.
Opinion – It’s scary to think that a real-world attack like this can affect your and my day-to-day lives. Ten years ago, who would’ve thought I’d be unable to exercise because some or other virus hacked my watch? But this is our reality today. The Internet of Things has certainly improved our lives yet, at the same time, we’re at the mercy of its fragility.
What we don’t realise is that Garmin offers so much more than simple exercise equipment. Boats and yachts rely heavily on its navigational equipment, as do planes for satellite navigation. All of these services have been affected by the WastedLocker cyber attack.
My summarising question is this: At which point do we relinquish control and hand over our lives 100% to technology? I sense we’re already there, or thereabouts.
Then comes a supporting question: We protect our home-lives with alarms, burglar bars and dogs – will we now ensure that our digital lives are similarly guarded against outside intruders? Time to make that decision, ladies and gentlemen.
If you’re ready to protect your business, chat with IronTree about a cyber security strategy.