Garmin recognizes cyber attack, does not mention ransomware


BOSTON (AP) – GPS device maker Garmin Ltd. acknowledged Monday that it was the victim of a cyber attack last week. which encrypted some of its systems, disconnecting its services for monitoring fitness and pilot navigation. He said the systems will be fully restored in the coming days.

On an online account statementThe company did not specify that it was the target of a ransomware attack, in which hackers infiltrate a company’s network and use encryption to encrypt data until payment is received. But a person familiar with the response to the incident told The Associated Press that the attackers had released decryption keys that would allow Garmin to unlock the encrypted data in the attack. The person spoke on condition that they were no longer identified.

The attack paralyzed the company’s services, including Garmin Connect., which is popular with runners and cyclists for training tracking, and the FlyGarmin navigation service for pilots. A Garmin spokesperson said the company had no comment beyond its statement.

Online cyber security news site BleepingComputer identified malware such as WastedLocker, which various security firms have attributed to the Russian cybercrime gang Evil Corp. The US government announced in December that it was freezing assets of group members.

Garmin, based in Olathe, Kansas, said Monday that in addition to GPS-based services, the company’s customer service and communications were also disrupted by the July 23 attack.

“We have no indication that any customer data, including Garmin Pay payment information, has been accessed, lost, or stolen,” Garmin said in its statement. The attack also did not affect the functionality of any of its products, which include sports watches, he added.

Ransomware is a growing threat and experts say it will only get worse if victims continue to pay ransoms. In the United States last year, ransomware attacks on state and local governments, healthcare providers, and educational institutions only caused damage estimated at $ 7.5 billion, according to cybersecurity firm Emsisoft.

.