Garmin experienced a cyberattack that completely disabled both Garmin.com and the app Garmin Connect, which acts as a corresponding companion app to many Garmin products. An outage was first announced via Twitter at 8:35 am on July 23, but since then, Garmin has announced the cause of the outage and has begun the process of making affected programs available again. This outage additionally affected its call centers and left Garmin unable to receive any online chats, calls, or emails from confused or angered customers.
Garmin Connect, when working effectively, is usually a convenient method to track your fitness statistics from your Garmin device on your phone. It can track any physical activity you complete while wearing your Garmin device. It can also help consumers set goals based on those statistics by acting as a fitness coach, and can even connect with your friends. In addition to Garmin Connect, other Garmin apps that were affected by the outage include Garmin Golf, Garmin Dive, vivofit Jr., ConnectIQ, and LiveTrack. flyGarmin, a GPS service used by pilots, was originally affected by this outage as well, although its functionality was restored prior to Garmin's other services.
According to an initial report by Forbes, the cause of the outage was a cyberattack against Garmin. The attackers allegedly demanded $10 million dollars in order to restore Garmin’s services. They had not stolen any user data, but had locked Garmin out of the system until the ransom was paid. At the time, Garmin’s response read, “Garmin has no indication that this outage has affected your data, including activity, payment or other personal information.” Since then, Garmin has confirmed that the prolonged outage was due to a cyberattack that encrypted its systems, but also reiterated that while the company were locked out of areas, no customer data was stolen. While more of the app's features continue to go back online, the current status of Garmin services can be checked here.
Garmin A Victim Of Ransomware
Garmin originally did not confirm that this outage was a result of malware, only referring to it as an “outage” that it was working quickly to resolve. This outage began on Thursday and for four days no system functionality was available. Garmin did not release any information about when the company expected to have service re-established, which aggravated many customers. On July 27, a statement was released confirming the attack was a result of hackers, and that it was working quickly to reestablish affected services. While not every service has full functionality restored, many more systems are back again, and almost all have at least, limited functionality.
With little initial information on what was the reason for a several-day outage, it is understandable that many individuals would have been upset. Releasing more information about the cyberattack as a whole might have been a more useful strategy for Garmin to initially use. Especially as with many "employee sources" presenting themselves in publications and still referring to the attack as a technological outage, it did not paint Garmin in a positive light.
Despite the initial response, Garmin has been quick to restore services following its announcement of a cyberattack. Currently, Garmin Express is the only service still completely down, and many of the other services have full functionality again. Though Garmin has not released any information regarding the ransom itself, since its services were not totally restored at once, it is likely that Garmin has attempted to salvage files or use those stored elsewhere, rather than attempting to work with the cyber-attackers. According to a 2017 study by Trend Micro, 33 percent of those who pay cyberattack ransoms don't have their files restored. As a result, Garmin has likely made the right move in this cyberattack sense.
Source: Forbes