Garmin shuts down services after suspected ransomware attack

We got used to many comfortable gadgets in today’s IoT-world, but dangers are lurking everywhere and as Garmin seems to be hit by a ransomware attack, there might be yet another discussion coming how much more relevant services need to be secured.

Image for post
Image for post
Garmin-Logo — Photo Credits: Garmin

Brave new world

Many of you Garmin-user will already have noticed that something was different yesterday evening. Some Garmin-services had connection problems and later that evening CET, rumors spread that the vendor was possibly hit by an enormous ransomware attack. Delivering not only the hardware but also the infrastructure these services rely on (and are — as we have experienced — pretty useless without it) this still unconfirmed attack seems to have struck Garmin completely. While all of our Garmin-gadgets and tools are still dead at the time of writing, Garmins internal communication seem to be affected as well.

In the meantime, the company did also confirm a sum of problems, stated as „We are currently experiencing an outage that affects Garmin.com and Garmin Connect. This outage also affects our call centers, and we are currently unable to receive any calls, emails or online chats. We are working to resolve this issue as quickly as possible and apologize for this inconvenience“ on Garmin’s official website. Looking at the official status-page for all company-related services, the whole picture doesn’t get better: All (!) services are currently offline and accessories like the smartwatches helping you to track your activities for example are plain dead as there is no working infrastructure to exchange data with.

It has begun

Yesterday evening, the company’s Indian branch first tweeted about some servers being shut down due to planned maintenance nine hours ago that would limit the performance of the Garmin Express, Garmin Connect mobile and website.

Some hours later, the official Twitter-account confirmed the status quo

as well as Garmin’s Facebook-page did

showing that the problem had other extents than assumed before.

Unconfirmed WasterLocker ransomware attack

While Garmin says that its services and call centers are down because of an outage, Garmin employees are sharing a different version of what actually happened, says BleepingComputer.com. According to the security website, multiple unconfirmed reports are mentioning a ransomware attack that successfully locked some of the company’s systems, forcing Garmin to take down parts the Garmin.com-website and the Garmin Connect data sync service which is vital for all those wearables.

According to the same reports, Evil Corp gang’s WastedLocker ransomware was allegedly used in the attack that caused Garmin’s outage. This named ransomware-strain is known for being used in attacks targeting corporate networks with its operators asking for ransoms of millions of dollars.

iThome also published a report on a Garmin internal memo earlier yesterday evening about a „virus“-attack affecting the company’s internal IT servers and databases that caused Garmin Taiwan factories to shut down production lines for two days, starting today. Last year, Garmin Southern Africa (Garmin SA) disclosed that payment and sensitive personal info were stolen from customers who placed orders on the country’s local shopping portal as part of a Magecart-attack with the help of a card skimming script injected within the portal’s checkout pages.

Waiting for updates

At the moment, an official statement of Garmin is still overdue but as always, we should take all information revealed so far with a grain of salt. Whatever has happened at last, this issue shows once again that especially IoT-infrastructure that embraces our daily life by delivering services we already see as plain standards needs to be secured with even higher standards. This new world is even more comfortable than ever before, but with great power comes great responsibility and so we need to focus the availability of modern IT-services and infrastructure with other, more critic, eyes. Whatever may have caused the issue here, it wasn’t the first and it won’t — by far — be the last.

Garmin’s famous slogan “#BeatYesterday” now comes with a flavour of the ironic while the users hope that the services are restored soon — until it will be hard to track if your sporting-performance of today was better than yesterday’s one!

Written by

Dad. IT-Guy. Cloud-Addict. Apple at Home, Windows at Work, Linux in between. Convinced -Fanboy. Metal-, USA- and UK-Lover. Traveler. Photographer. Maverick.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store