Speculation: GPS Device maker Garmin Paid $10 Mil To End Cyber Attack


The GPS device maker Garmin acknowledged Monday being victimized by a cyberattack last week that encrypted some of its systems, knocking its fitness tracking and pilot navigation services offline. It said systems would be fully restored in the next few days.

In an online statement, the company did not specify that it was the target of a ransomware attack, in which hackers infiltrate a company’s network and use encryption to scramble data until payment is received. But a person familiar with the incident response told The Associated Press the attackers had turned over decryption keys that would allow Garmin to unlock the data scrambled in the attack. The person spoke on condition they not be further identified.

Garmin hasn’t publicly admitted to paying ransom to regain control of its networks, but observers believe the firm may have paid upwards of $10 million to a Russian outfit known as “Evil Corp” for the keys to the encryption that had taken control of the company’s network and files.

18 Comments on Speculation: GPS Device maker Garmin Paid $10 Mil To End Cyber Attack

  1. This kind of crap should come with the Death Penalty, no appeals, and no 20 year wait for the needle. This kind of stuff is just evil, and is done by nerds with an inferiority complex who are beyond greedy.

  2. The Russians are just trying to recoup their losses, since all that money paid into the Clinton Foundation didn’t exactly pan out in 2016.

  3. You would think that a big time web developer would have security? OK some small time outfit like Macys or some retailer with a website who cannot afford to do security but Garmin sells itself on GPS and stuff. Nothing is safe. You want to bank by phone, good luck! Not me.

  4. …one of my recipe/data logging systems got hit with a ransomware attack, you could tell because many files were encrypted and changed to a .EVIL extension. Probably those same folks. Seems the shift people were using a port IT left open for OEM access to surf the Web, and got a li’l something extra. Our IT folks had set up an external HDD for auto backup, but the attack ALSO followed to mapped drives and got that too.

    …well, my work goes back to the ’90s and I remembered when IT also failed to prevent an attack called ILOVEYOU because it placed an .exe file in everyone’s Email and figured (correctly) that someone would be stupid or horny enough to click it, and it took down our assembly plant (that I was NOT at the time responsible for) but not MY stuff because my not-trusting nature kept an AIR firewall between IT assets and tool computer assets, so I knew from way back NOT to trust IT, especially since they offshored most of it, and had a backup mostly spun up, just needed some updating from an OFFLINE backup I personally kept and links to the IT printer, and we were up again with only minor data loss.

    I never even CONSIDERED paying off the Ransomware guys.

    First, THEY WRECKED YOUR SYSTEM ON PURPOSE. And now you’re gonna ask them to FIX it?!? Gee, Trojan Horse much? Think you’ll get more and worse attacks later on, since you’re STILL running THEIR malicious code?

    Second, ok, you anonymously give them bitcoin. Whatcha gonna do if they give you NOTHING? It’s ANONYMOUS, idiot!

    Third, it’s sensitive systems filled with corporate secrets, regulatory required data, and some things pertaining to military production. Again, I’m gonna pay you and run YOUR already demonstrably malicious code going forward, maybe even you do MORE stuff IF you send a “fix”? Most ransomware attacks are clickbait random and they don’t even know they attacked you successfully UNTIL you ask for help. THEN, they know who you ARE, and can exploit it FURTHER now that they know you exist and what you do.

    Fourth, fuck you. I’m not stupid, I have my own CLEAN backups for the critical tool systems I personally manage, I DON’T need your “help”, and I’m DAMN sure not gonna REWARD you for halting my operations and making me WORK.

    NO SALE.

    …if Garmin did, in fact, knuckle to this, you might wanna consider other vendors. This would suggest that they have NOT learned how to code, and also that malicious code they KEPT can propagate ANYWHERE, even to YOUR consumer device that you may update by connecting to YOUR PC and THEIR infected systems. It kind of depends on what the attacker WANTS to do.

    …doesn’t mean it WILL happen…
    …but I, myself, don’t risk unnecessary exposure, nor would I trust a software designer that’s lost control of their software. I keep backups and software design is NOT what I do, you’d think someone who DOES do it for a living would be better prepared if they were any GOOD at it.

    …but that’s just me, you do as you please…

  5. do they have guarantees that the hackers won’t come back and do it again?

    Of course not. They did however, possibly, learn to keep proper redundant systems segregated from the main network so if it does happen again it’s a matter of running simple scripts to put everything back to normal. As the dumbasses should have done in the first place. Heck, even little me who doesn’t have millions to lose runs an automated daily backup. It ain’t rocket science.

  6. My boy has made BIG $ for decades as a “legal hacker” for a big tech co. this is why!

    Like being a Hessian 200 years ago. Hard work but pays very well.


    These nerds feel very good about themselves; your psycho analysis is wrong. They are not Bonaparte they are Ike

  7. I use Macrium Reflect to make an image of the entire hard drive on a removable sd card. If someone sends me ransomware, I just restore the latest image, then avoid whatever caused it.

  8. Congratulations Garmin, your lack of security just financed more of this kind of bullshit.
    Yes, I know there are still people that use ‘password’ as their password; they need to be discovered & sterilized.

