Garmin Services and Production Go Down After Ransomware Attack

An anonymous reader quotes a report from ZDNet: Smartwatch and wearables maker Garmin has shut down several of its services today to deal with a ransomware attack that has encrypted its internal network and some production systems. The company is currently planning a multi-day maintenance window to deal with the attack's aftermath, which includes shutting down its official website, the Garmin Connect user data-syncing service, and even some production lines in Asia. In messages shared on its website and Twitter, Garmin said the same outage also impacted its call centers, leaving the company in the situation of being unable to answer calls, emails, and online chats sent by users. The incident didn't go unnoticed today and has caused lots of headaches for the company's customers, most of which rely on the Garmin Connect service to sync data about runs and bike rides to Garmin's servers, all of which have been down today. Some Garmin employees are attributing the incident to a new strain of ransomware that appeared earlier this year, called WastedLocker, though this has not yet been verified.

Who this time?

[bogaboga]

Choose one...

Russia/China/Iran...

3...2...1...

Re:

[Weekend Triathlete]

Can I choose Garmin C-suite leadership for their boneheaded decision to outsource web application development to the lowest bidder? They got what they paid for.

Re: Who this time?

[saloomy]

Does this affect the DeLorme (now Garmin) inReach service that saves us mariners with the Satellite SOS signals? Does anyone know?

Re:

[timestocome]

According to this thread In Reach still works https://news.ycombinator.com/i... [ycombinator.com]

Re:

[lazarus]

Their web site [garmin.com] says that SOS services along with text and e-mail services are still available. I don't know if this affects weather updates and other services. I'm less than a week out from a major whitewater kayaking trip, so I'm relieved the emergency services are still functional.

Re: Who this time?

[saloomy]

Likewise but boating off the pacific. :) Safe travels to you and your company

Re:

[93 Escort Wagon]

Russia/China/Iran...

It seems unlikely that a state actor would put the effort into making a ransomware attack on a fitness wearables company.

Re:

[1s44c]

The usual routine is to pick one and blame them anyway.

Re:

[chill]

"Fitness wearables company"?

You're neglecting the fact Garmin is huge in both airline and maritime navigaion.

I'm not laying blame at anything other than incompetance and opportunistic criminals, but you can't just handwave Garmin off as a "fitness wearables" company.

Re:

[msauve]

>You're neglecting the fact Garmin is huge in both airline and maritime navigaion.

But do any of those depend on connected services back to the mothership? I'm guessing not, that those are standalone systems and they're still running just fine, even if they can't reach support or a website to download firmware updates.

Re:

[fdragon]

But do any of those depend on connected services back to the mothership? I'm guessing not, that those are standalone systems and they're still running just fine, even if they can't reach support or a website to download firmware updates.

Software for Air is down. This is going to have the effect breaking the ability to get accurate data needed to file a flight plan. Depending on the plane, this could result in effective grounding of a number of flights for the duration.

Truck Electronic Records Keeping used by long haul truck driving is likely effected (no article mentions Garmin is in this industry, but their website does mention the products). Depending on jurisdiction, and cargo, this could result in the trucks having to be halted for

Re:

[Cederic]

Software for Air is down. This is going to have the effect breaking the ability to get accurate data needed to file a flight plan. Depending on the plane, this could result in effective grounding of a number of flights for the duration.

If you can't plan your flight manually on paper maps then you shouldn't be in the fucking air.

Re: Who this time?

[Provocateur]

...unless those fitness wearables have location information on our troops.

Re:

[godel_56]

Choose one...

Russia/China/Iran...

3...2...1...

If it's ransomware for money then add North Korea. But Garmin has all its functions interconnected on the same network, even factory production? Really?

Re:

[awwshit]

North Korea.

Heh

[Anonymous Coward]

I deleted my Garmin account about five years when it was apparent that Garmin had absolutely no interest in allowing me to transfer and store my Vivofit information locally. I contacted them multiple times regarding privacy concerns over them harvesting activity data, but they didn't give a shit.

All I can say now is too bad and fuck you Garmin. You reap what you sow.

I found Garmins problem...

[sizzlinkitty]

Using microsoft products to run everything....

Re:

[1s44c]

Exactly. Practically nobody runs production systems on Windows these days, it's expensive and unreliable. That nonsense is reserved for places where the management are getting 'gifts' on the understanding their company keeps on buying Microsoft.

Running production on Microsoft is literally a sign of Management dysfunction.

Re:

[eneville]

Never known ransomware on Linux. I've heard of php via wordpress insecurities, but not something that starts by the desktop user.

Maybe Garmin will rebuild on Linux? Lower costs, easier to manage, win win, except for the lack of "gifts". Is that something Red Hat can do?

Is there a psychological element for marketing the company as a victim to earn sympathy?

Seems weird that people would deploy such a vulnerable system these days given the huge loss involved.

separate networks

[awwshit]

It shouldn't be possible to have ransomware spread to prod from the corporate network. Garmin obviously built for convenience and not security.

Oh, that explains that.

[jfdavis668]

I was looking to buy a new GPS, and the Garmin site had problems. Now I know why.