Garmin services and production go down after ransomware attack


Smartwatch and wearables maker Garmin has shut down several of its services on July 23 to deal with a ransomware attack that has encrypted its internal network and some production systems.

The company is currently planning a multi-day maintenance window to deal with the attack’s aftermath, which includes shutting down its official website, the Garmin Connect user data-syncing service, and even some production lines in Asia.

In messages shared on its website and Twitter, Garmin said the same outage also impacted its call centers, leaving the company in the situation of being unable to answer calls, emails, and online chats sent by users.

The incident didn’t go unnoticed and has caused lots of headaches for the company’s customers, most of which rely on the Garmin Connect service to sync data about runs and bike rides to Garmin’s servers, all of which went down on Thursday.


When ZDNet reached out for comment earlier, a Garmin spokesperson declined to confirm that the outage was caused by a ransomware attack, citing an ongoing investigation, and they redirected us to a message the company had shared on its website and Twitter profile.

However, since the incident took root at around 03:00am UTC, several Garmin employees took to social media to share details about the attack, all calling it a ransomware attack.

Some Garmin employees even went as far as to attribute the incident to a new strain of ransomware that appeared earlier this year, called WastedLocker — information that ZDNet has not been able to verify based on employee claims.

However, the incident appears to be much larger and more devastating than Garmin indicated via its initial statement.

Must read:

iThome, a Taiwanese tech news dedicated to IT topics and smart devices, shared an internal memo that Garmin’s IT staff sent its Taiwan factories, announcing two days of maintenance mode planned for Friday and Saturday, July 24 and July 25.

While the memo didn’t specifically blame the impromptu maintenance mode on a ransomware attack, sources told the Taiwanese news site the incident was caused by a “virus.”

In today’s cyber-security landscape, only ransomware attacks have the destructive effect to cause companies to shut down production lines, online services, websites, email servers, and call centers in a matter of hours and enter maintenance mode.

In the meantime, Garmin users have been sharing tips online on how to save run and bike ride info to Garmin partner services, such as Strava, to avoid losing their workout information until Garmin solves its current outage.

This is a developing story. More updates will follow.

learn more

View original article here Source