Jul 27, 2020 11:50:00

All the services of Garmin, a major GPS device, stop for an unusually long time, the cause is a ransomware attack

A failure occurred in all services including the application ``Garmin Connect'' provided by

Garmin, which is known as a major manufacturer of GPS devices and wearable terminals used for outdoor applications, sports, fitness, etc., July 23, 2020 Has been unavailable since. The cause has not been revealed, but sources have told us that they are being attacked by ransomware.

We are currently experiencing an outage that affects Garmin Connect, and as a result, the Garmin Connect website and mobile app are down at this time.(1/2)

— Garmin (@Garmin) July 23, 2020

This outage also affects our call centers, and we are currently unable to receive any calls, emails or online chats. We are working to resolve this issue as quickly as possible and apologize for this inconvenience. (2/2)

— Garmin (@Garmin) July 23, 2020

[Contact] Garmin Connect cannot connect because of urgent system maintenance. We apologize for the inconvenience, but please wait for a while until the recovery.

— GarminJP (@GarminJP) July 23, 2020

On the notification page, it was announced that some functions and services were unavailable due to the suspension of the system including Garmin Connect, and that the call center could not receive phone calls, emails, or online chats. I am.

Garmin Outage-Garmin Outage
https://www.garmin.com/ja-JP/outage/

Looking at the status screen of Garmin Connect, all statuses are 'DOWN' as of 11 o'clock on July 27, 2020.

Garmin Connect | Status

https://connect.garmin.com/status/

Although the cause of this matter has not been announced by Garmin, the news site Bleeping Computer gathered internal information and information from extremely detailed sources and was attacked by ransomware called 'Wasted Locker'. I am reporting.

Garmin outage caused by confirmed WastedLocker ransomware attack

https://www.bleepingcomputer.com/news/security/garmin-outage-caused-by-confirmed-wastedlocker-ransomware-attack/

According to an information provider to Bleeping Computer, he came to work on Thursday, July 23, 2020 local time, and learned that he was the first to be attacked by a cyber attack. Not only inside the company, but because the terminals were encrypted, including the computers at the employees' homes that were connected by VPN, the IT department of the company tried to remotely shut down all the machines on the network, but without success, the employees I was told to shut down the accessible computer.

According to security-related editor Zack Whittaker, the ransomware 'Waster Locker' is known to be used by the famous Russian hacker group 'Evil Corp'. However, this attack is believed to have come from Taiwan.

New: An ongoing outage at Garmin was caused by ransomware, according to two sources with direct knowledge of the incident.

WastedLocker, A Ransomware Strain Used By A Notorious Russian Hacking Group - Sanctioned By The US Treasury -. Is Likely To Blame Https://T.Co/DPpCvjncJp

— Zack Whittaker (@zackwhittaker) July 25, 2020

The attacker told Garmin that he would reveal the amount of 'ransom' for decrypting the data by contacting him with 'ProtonMail,' a privacy-friendly mail service .

As mentioned above, it is unknown whether Garmin contacted the attacker because Garmin did not reveal that it was attacked by cyber attacks in the first place, but Bleeping Computer said that the ransom was $ 10 million (about 10 560 million yen).

Even if it's not a cyber attack, the fact that the service has been down for five days and the situation is unknown makes me worried about what is happening.