As we’ve seen Garmin down for a few days, the outage finally has a reason, with Garmin admitting ransomware is to blame.
Garmin has issued a press statement about the huge outage, and while it didn’t go as far as confirming a ransom was demanded for the release of its files, it said that it was a ‘victim of a cyber attack that encrypted some of our systems on July 23, 2020’.
As stated, the outage of Garmin’s systems began on July 23, and meant users of Connect (its fitness app) couldn’t sync their fitness watch, use online services or gain insights into their health.
The attack also hit the aviation and marine sections of its business – which even temporarily grounded the aircraft that relied on the systems Garmin provided to navigate in the air.
We’d like to thank all of our customers for your patience and understanding. For more information, please visit https://t.co/U3vwBre4U2.July 27, 2020
What actually happened?
While Garmin has admitted the attack, it hasn’t explained whether – as was widely reported – a ransom was demanded to unlock the files, and if it had the backup systems needed to avoid paying the rumored multi-million dollar price.
“As a result [of the attack], many of our online services were interrupted including website functions, customer support, customer facing applications, and company communications,” said Garmin.
“We immediately began to assess the nature of the attack and started remediation.”
The key question that’s been asked for the last few days – beyond when users would be able to gain access to services again – is whether user data has been compromised.
Given Garmin holds everything from location-based data to financial information on its users, it was crucial this data wasn’t exposed. On July 25 the fitness brand confirmed that there was ‘no indication’ that data was stolen, but the recent statement doesn’t give a huge amount more detail:
“We have no indication that any customer data, including payment information from Garmin Pay, was accessed, lost or stolen,” it added.
“Additionally, the functionality of Garmin products was not affected, other than the ability to access online services.”
When will Garmin Connect and other services be back online?
If you’re wondering when you’ll finally be able to navigate aquatic waterways or sync the data of your run to Strava, we’ve seen that services have finally begun to resume.
Garmin has confirmed operations are returning to normal, simply stating “Affected systems are being restored and we expect to return to normal operation over the next few days…As our affected systems are restored, we expect some delays as the backlog of information is being processed.”
This is a particularly difficult time for an outage of this magnitude to happen, as Garmin’s earnings call to investors is scheduled for July 29. However, the brand has been bullish on the impact of this cyber attack:
“We do not expect any material impact to our operations or financial results because of this outage.”
While many have been upset at the lack of communication from the brand, if it was working to restore its systems against a cyber attack, then it’s likely to have struggled to grasp the magnitude of the problem and not be able to provide an accurate timeframe for things to be fixed until now.
What is still unclear is whether or not the brand had the right level of cybersecurity in place to deal with this kind of ransomware attack – and how significant the impact of the attack was.
Garmin users will be feeling the effects of this attack for days to come as other services, such as Strava, say they’ll need time to deal with the backlog of data coming their way.