It is day 5 of the outage that Garmin has been experiencing, and the servers have begun to come back up. Garmin Connect appears to be syncing properly once more, and the company’s backups appear to have been successful. The corporation has said unequivocally that it was the target of a malicious cyberattack.
On Thursday, at around 7:00 in the morning, the whole thingamajig got underway. Garmin said that there was a problem with its servers, and we had no cause to distrust the company’s word.
As the hours (and then, the days) passed, rumours started to spread. A number of Garmin employees have taken to various social media platforms to confirm that the company has been the target of a ransomware assault. According to one source, the malicious actors demanded ten million dollars in exchange for the provision of the code that would enable Garmin to access the encrypted data and return everything to its previous state. The company’s servers and other machines that were connected to the system remotely were infected when the virus began its spread. The shrewd thing for Garmin to do was to put an end to the entire endeavour.
The majority of the time, the Kansas-based corporation has been silent, but on Saturday, it posted a frequently asked questions page on its website. This suggested that user information from Garmin smartwatches and GPS systems had not been hacked in any way. The business has said that it will remain on your smartwatch until the systems are back up and running, at which point you will be able to sync it. In addition, there is “no evidence” that the “outage” has harmed your history data that is lying on their systems or any payment information that has to do with Garmin Pay, as said in the statement.
The present situation with Garmin’s services
It would appear that this is correct, which will come as a relief to a great number of people. The servers are progressively being turned on, which makes sense given that there is likely to be a burst of activity owing to days’ worth of data that has not been synchronised. For instance, you are able to successfully synchronise your Garmin gadget with the software on your smartphone in London; similar success has been reported in a great number of other cities and countries.
Even if the sync is sluggish, it appears like there are very few, if any, gaps in the data. It is important to note that although you may use Garmin Connect for the majority of its features right now, the platform is not yet completely functional. This is the current state of affairs as of the time this article was written.
Today, Garmin has at long last admitted that there was, in fact, some kind of cyber assault. However, it did not specify whether or not it was a ransomware assault, nor did it disclose whether or not the business was infected with the WastedLocker malware. The complete statement from Garmin may be seen here.
“Garmin Ltd., just made the announcement that on July 23, 2020, our company was the target of a cyber assault that encrypted several of our systems. As a direct consequence of this, a significant number of our online services, such as website functionality, customer assistance, apps directed toward customers, and business communications, were disrupted. We wasted little time in beginning to investigate the nature of the assault and getting started on the cleanup. There is no evidence that any customer data, including payment information from Garmin Digital payments, was accessed, lost, or stolen, and there is also no evidence that any customer data was lost. In addition, the functioning of Garmin devices was not compromised in any way; the only thing that changed was users’ capacities to access internet services.
We are working to restore the affected systems, and we anticipate a restoration to regular business operations within the next several days. Because of this disruption, we do not anticipate any significant impact on either our business operations or our financial performance. We anticipate that there will be some delays when the accumulated information from the impacted systems is processed as our systems are brought back up. We would like to express our gratitude to our customers for their patience and understanding throughout this situation, and we plan to continue to deliver the great customer care and support that has become our trademark and history.
We can only hope that the forensics team was as thorough as they could be. If it turns out that this was a ransomware assault, the issue is more difficult than just recovering the platform from a previous backup. The IT personnel initially needed to determine how the hackers were able to access the system and then close any potential security flaws. It is very remarkable how quickly they were able to get the operation up and operating after it had been shut down. Although 5 days might seem like a reasonable amount of time, the reality is that these things typically take considerably longer.
The other challenge is determining which of the backups can be relied upon. It’s possible that the virus was dormant on the server for several days or even months before it was triggered. The data that may be used as blackmail could have been copied off the network by the intruders.
And the solution was not as straightforward as handing over ten million dollars to Evil Corp., which has been implicated in the attack.
Because of their participation in the decade-long hacking effort, the Treasury Department levied penalties not just on Yakubets but also on Evil Corp and two other suspected members of the organisation.
Because of the sanctions, it is nearly difficult for corporations headquartered in the United States to pay the ransom, even if they wanted to. This is because citizens of the United States are “usually barred from participating in transactions with them,” as stated in a statement issued by the Treasury.
According to Brett Callow, a threat researcher and ransomware expert at the security firm Emsisoft, the penalties make it “particularly challenging” for firms situated in the United States to cope with infections caused by WastedLocker.
On social media, there are a lot of comments and questions asking why users are unable to save their health data locally onto their phones and utilise the Garmin app while they are not connected to the internet. It’s possible that specifics regarding processed sleep data won’t be available because this is done on the server-side, but information regarding activities, hydration, weight, and steps should all be readily available. Yes, I think that would be wonderful. Possibly something for Garmin’s list of things to accomplish.
This is just one more wacky occurrence that will take place in the year 2020, which has an ever-growing list of them. While they wait for Garmin to return to providing services, as usual, some Garmin users are trying to make fun of the current predicament.
For instance, users on the Garmin Reddit community forum have proposed the creation of an “I survived Garmigeddon” badge. If we are all satisfied with it, the only thing that needs to be changed is the timing… good work!