Garmin hit by ransomware attack

[wkearney99]

Apparently Garmin's systems (some in Taiwan, perhaps elsewhere) were hit by a malicious software hack that has ransomed their data.

Not a lot of details known yet, but rumor has it to be based on the WastedLocker malware. One that's usually customized per attack, and is known to aggressively attack not only working systems, but also any online backups. The idea being recovery from offline backups often takes quite a lot longer (and doesn't always work) versus paying off the ransom.

 

[rsn48]

Nothing is coming up when I google "has Garmin software been hijacked?"

 

[rochepoint]

Have a look at: https://www.androidcentral.com/garmin-connect-suffers-multi-hour-outage

 

[wkearney99]

lmgtfy: https://www.google.com/search?q=garmin+ransomware

 

[rsn48]

I found reference to the Garmin problem about twenty minutes after my post but the one I read was discussing Garmin watches but I'll look further. I just installed all new Garmin everything.

 

[Knot Fast]

Still down at 730a EDT Friday.
I tried calling for some tech support yesterday and that is also down.
Of course, they have a lot of my personal data. I wonder if that is compromised as part of the hack.

 

[CaptTom]

They're saying the InReach messaging and SOS signaling is still working, so that's one good thing. Lots of other functions, like sync'ing, seem to be down. Luckily my InReach is all set up to go and the data plan is already activated. If this goes on for any length of time, it'll be bad for many InReach users. That thing needs to sync for just about any change you want to make.

 

[RT Firefly]

Greetings,
Mr. KF. Pretty well everybody has a lot of everyone's personal data. That's supposedly what insurance is for.

 

[Chrisjs]

Time to pull out paper charts again!!

 

[MurrayM]

They're saying the InReach messaging and SOS signaling is still working, so that's one good thing.

Nice. Hackers with a moral compass, not wanting to endanger people.

Let's see if that holds if "negotiations" start to drag.

 

[CaptTom]

Nice. Hackers with a moral compass, not wanting to endanger people.

I seriously doubt that. It's more likely the systems they hacked were separate from the ones which manage the InReach communication. That may all be outsourced, or it could be the old Delorme stuff was never integrated. Look at the crappy job they did bringing in ActiveCaptain.

I hope they can get things back without paying a ransom, but there is some poetic justice in Garmin being forced to pay for data.

 

[rsn48]

I hope they can get things back without paying a ransom, but there is some poetic justice in Garmin being forced to pay for data.

Its not Garmin who will be paying the ransom.

 

[Benthic2]

I can't even sync my watch with my phone to know how many steps I've taken today!!

 

[MurrayM]

Its not Garmin who will be paying the ransom.

Good point...just like us honest people pay for shoplifters.

 

[twistedtree]

This is all a really good example why I avoid putting anything important in "the cloud". And why I don't want things that are remotely accessible via the cloud. With all your gadgets connected back to the company you bought from, when they get hacked, you get hacked. Just wait until someone hacks one of the car companies and starts remotely stopping and starting everyone's cars. That will be fun.

 

[sunchaser]

For years I've struggled with the need to constantly "update" my charting data, leaving the systems vulnerable to the hackers out there. Let the hackers go nuts, just wait awhile to access the Garmin mothership.

 

[OldDan1943]

Folks, and this is why I strongly recommend to maintain a set of reasonably current charts onboard paper charts and written position either posted on your chart or on a piece of paper.

 

[SteveK]

Folks, and this is why I strongly recommend to maintain a set of reasonably current charts onboard paper charts and written position either posted on your chart or on a piece of paper.

Dan, not disagreeing on paper backup, but are you saying the charts in out instruments are in a cloud. I thought once downloaded they are onboard

 

[OldDan1943]

Dan, not disagreeing on paper backup, but are you saying the charts in out instruments are in a cloud. I thought once downloaded they are onboard

I have no idea.
I do know some folks update various programs, without thinking, only to discover the update was corrupted.

 

[sunchaser]

Dan, not disagreeing on paper backup, but are you saying the charts in out instruments are in a cloud. I thought once downloaded they are onboard

SV
My Furuno/Nobeltec/Raymarine charting programs whether in hard wired plotters or in either of my two laptops, have no access to the Internet unless I manually log on. Navionics on an IPad are a different story.

Some Garmin users log on frequently it seems to collect new data, download hydro graphics or find a new restaurant. I'd guess these activities to be subject to hacker risk.

 

[wkearney99]

Latest rumor is the ransom is $10 million.

 

[OldDan1943]

Latest rumor is the ransom is $10 million.

LOL, a Go Fund Me opportunity? Yea right.

 

[mvweebles]

From Forbes. $10m is indeed the number

https://www.forbes.com/sites/barryc...0m-ransom-to-end-two-day-outage/#27d86ee43164

 

[psneeld]

For new boaters....charts are charts...whether in a plotter, on a computer, or on paper.


Just like going paperless in other areas of your life, with the proper management and backup, not only is it just as safe as paper, more convenient in most ways.


Exactly why even the most neanderthal organizations as they view boating safety requirements (not a bad thing when your life depends on it)...allow electronic charting and publications with the same "safety" rules to mostly assure redundancy and proper use.


I've know more paper charts to blow out pilothose doors/sailboat cockpits or be damaged from wind and rain than times I have ever lost or heard of people recently losing electronic nav capability.

 

[Benthic2]

Garmin is still down....