Smartwatch and electronics firm Garmin's computer networks were offline for the fourth time in a row after apparently falling victim to a ransomware attack affecting both aviation and fitness app services – and hackers claim $ 10 million Dollars for data recovery.
The company said on Twitter that its website and Garmin Connect fitness app have been offline since Thursday. The & # 39; flyGarmin & # 39; site used for flight databases was also down.
Garmin still hasn't offered an explanation for the failure, but security analysts said the reason is likely to be ransomware, a technique used by hackers to encrypt data and extort funds. Several reports indicate that Garmin from the Russian cybercriminal group Evil Corp. was ordered to pay the data at $ 10 million.
Garmin is asked to pay a $ 10 million ransom after a cyber attack has shut down its systems and apps, including the website, for four days
The navigation company was hit by a ransomware attack on Thursday that prevented customers from logging their fitness sessions in Garmin apps
The company's communications systems have also been disabled and it now appears unable to respond to frustrated and upset customers
Files shared by a Garmin representative show how a ransomeware file has been attached to each file, and tell the user details what to do next to get their data
A tweet shows the email address that Garmin employees should receive by email to restore access to their data
A hacker's note was attached to each individual data file in Garmin's systems, detailing how the company can restore access after paying a ransom
On Sunday evening, even the company's website could not load properly.
The security news website Bleeping Computer reported that a source familiar with the incident said Garmin had been attacked by the WastedLocker ransomware.
The ransomware attack encrypted the company's data, and the hackers responsible for the attack requested $ 10 million to release the data.
Screenshots show lists of the company files encrypted by the malware with a ransom note attached to each file.
A failure card shows how big the problem is with the company's apps
Who is the Russian cybercriminal Evil Corp?
Evil Corp is a Russian-based cybercriminal organization believed to be responsible for ransomware attacks against Garmin.
The group is known for developing and distributing Dridex malware that has been used to steal confidential information, including online banking credentials, from infected computers.
In 2016, the group was estimated to have received bank cards from customers at more than 300 banks and financial institutions in more than 40 countries that earned at least $ 100 million.
Evil Corp is a company run by a group of individuals based in Moscow, Russia.
In December 2019, the State Department announced a $ 5 million reward for information that led to the arrest of its leader Maksim Yakubets, who is believed to be responsible for managing and monitoring the group's malicious cyber activities.
The ransom note prompts the recipient to email one of two email addresses to receive a price for your data.
It is not clear if customer data has been compromised as the technology company continues to investigate and work to resolve the issue.
Some reports have the malware with a Russian cybercrime group called Evil Corp. connected.
In December 2019, the U.S. Treasury Department sanctioned Evil Corp. after causing more than $ 100 million in financial damage to the American banking system.
If Garmin wanted to pay the ransom, it could potentially violate U.S. sanctions.
The ransomware attack resulted in many of the company's systems being shut down.
Employees connecting from home via VPN were also cut off from Garmin's systems to stop the ransomware from spreading across the network.
Garmin was largely silent about the failure. The company tweeted on Saturday: “We currently have a Garmin Connect outage. This failure also affects our call centers. We are currently unable to receive calls, emails, or online chats. We are working to resolve this issue as soon as possible and apologize for the inconvenience. & # 39;
Brent Callow, a threat analyst at security firm Emsisoft, said he had no first-hand knowledge, but it certainly had all the characteristics of a ransomware incident.
"There is really no other event that could cause such a widespread disruption and cause a company to immediately shut down everything from its online services to its production line," said Callow.
Garmin Connect software unsuccessfully attempts to contact the company's servers to upload fitness data. Experience frustrated customers
A Twitter user posted an image showing that their Garmin smartwatch could not be updated
Garmin's online fitness tracking service is offline, so runners and cyclists cannot upload data from their latest workouts.
Garmin Connect, an app and website that works with the company's popular fitness watch line, was out of service on Sunday. The company apologized for the disruption late last week when it pointed out that the problem was more widespread and also affected its communication systems.
Garmin Aviation, which provides navigation and communication services for the cockpit, announced on its Facebook page that the website & # 39; flyGarmin & # 39; and the mobile app are not available.
Fitness enthusiasts used social media to express their frustrations at not being able to use the service.
Some Garmin users were angry that the company hadn't explained the reason for the failure within four days, while others mocked those who claimed that it disrupted their training routines
Runners said that the failure did not prevent them from training, but not using Garmin Connect means that they cannot track their training data or share their routes on Strava, a social network for runners and cyclists.
Caroline Dunn, Atlanta tech manager who runs five days a week and ended the 2018 New York Marathon, said the failure meant she and her running friends couldn't praise each other – Strava's version of Facebook's Likes – um to encourage each other.
"We don't do this for our health, we do it so that we can brag about our friends," said Dunn light-heartedly. “Now that we're all socially distant, I don't run in a group with my friends and they don't watch me run. I have to brag about all my runs online with my friends. & # 39;
The failure also prevents athletes from being able to demonstrate that they have completed virtual runs that replace the many races that were canceled due to the pandemic, Dunn said. Runners using the Garmin system cannot be classified because they cannot send GPS data to organizers.
A selection of Garmin's most popular products is shown above in a file photo
Smartwatch maker Garmin suffers from widespread outages after reportedly being attacked in a ransomware attack. A notification of the update can be found on the company's website
Connecticut runner Megan Flood saw the continued failure as both a curse and a blessing.
"It's partly frustrating because my Garmin is connected to my Strava (fitness app) and I like the community aspect of Strava," said Flood, 27, on Friday. “But sometimes it's nice not to be so connected to my device. I drove some of my best races when I forgot my watch or covered my watch face. So I think there are advantages and disadvantages associated with a watch. & # 39;
Tech-savvy users shared a workaround: Connect the watch to a computer with a USB cable and transfer the files manually.
Some users also complained that Garmin's lack of communication was a bigger problem.
Some Twitter users quickly mocked the situation in which Garmin and its wearers find themselves
(tagsToTranslate) Dailymail (t) News (t) Twitter