Garmin problems today?

A few places are saying it is a ransomware attack. Hopefully it is sorted before the next NavData cycle.
 
Ransomware? Nice, Garmin, Nice.
 
“IT dept gets another lesson in what wasn’t truly set up to be redundant. Film at 11!”

LOL. Yay outages. Server farm appreciation day!

CloudFlare was down for thirty minutes earlier this week in one US region. Wiped out all sorts of websites that should know better than being single-sourced for anything... heh.

I’m digging this new mainframe world! All my outages are some huge vendor’s fault again for putting all the eggs in one basket!

“Oh look. Some router guy took out half the country at Comcast again! Where’s my popcorn? The comments at DownDetector should be good. Did our stuff switch carriers correctly? Cool.”
 
A few places are saying it is a ransomware attack. Hopefully it is sorted before the next NavData cycle.

The charts that came on our new unit expired last week and I wasn't able to get signed up for a subscription because I didn't have the unit ID handy. I got the number today and tried to sign up and found the web site down. Hopefully this won't take too long to sort.
 
anyone have concerns about opening GP on their phone/tablet?
 
anyone have concerns about opening GP on their phone/tablet?

It runs just fine. You still get weather and can plan (but not file) a flight. It will still show where you are and track your flight and log it (if you have that enabled).

What you cannot do: File a flight plan, update any expired downloads, or synchonize any of your data (all of the items listed on the "Synch" screen). Your device will maintain the changes (ie: new logbook entries) and wll sync again when the servers become available.
 
Looks like some of the functions have been retored as of the momentScreenshot_20200724-081825_Pilot.jpg :
 
yep...restored right to the russians database!

And what exactly are they going to do with my flightplans, waypoints, or logfiles?
Are they going to threaten to erase my user waypoints? Oh dear me, what will I do?
If no one paid these idiots this wouldn’t happen.
 
And what exactly are they going to do with my flightplans, waypoints, or logfiles?
Are they going to threaten to erase my user waypoints? Oh dear me, what will I do?
If no one paid these idiots this wouldn’t happen.

and yet another well thought out reply, mooneydriver. garmin pilot stores a lot of my personal data. while I was kidding about the russians, have you never heard of security breaches where they steal personal data? is that a new concept to you?
 
Another reason to keep current paper charts and remember how to call departure to file a flight plan.
 
and yet another well thought out reply, mooneydriver. garmin pilot stores a lot of my personal data. while I was kidding about the russians, have you never heard of security breaches where they steal personal data? is that a new concept to you?

But what data? It’s not like bank accounts, SS # or any data that isn’t publicly available? In other cases like Target it was credit card numbers. AFAIK, Garmin only has my address and phone number and email.
 
and yet another well thought out reply, mooneydriver. garmin pilot stores a lot of my personal data. while I was kidding about the russians, have you never heard of security breaches where they steal personal data? is that a new concept to you?

Presumably any prior usage of garmin's apps will have your data already on their servers. Launching the app once more won't matter.

This was a ransomware attack, from what I've been reading, and not a data breach. So the problem is actually in reverse -- garmin can't even read the data they have on you until they pay Sergey Ivanov his 10,000 bitcoins :D
 
Presumably any prior usage of garmin's apps will have your data already on their servers. Launching the app once more won't matter.

This was a ransomware attack, from what I've been reading, and not a data breach. So the problem is actually in reverse -- garmin can't even read the data they have on you until they pay Sergey Ivanov his 10,000 bitcoins :D

Ok. I’ll assume they’re being polite cyber security terrorists and not reading the data, only holding it for ransom.
 
Ok. I’ll assume they’re being polite cyber security terrorists and not reading the data, only holding it for ransom.

I get what you mean, but if this dude has access to garmin's data, he's got it from your previous uses of the app.

Most ransomware attacks I'm familiar with don't access data directly or download it -- they leave a resident program on some poor schmoe's PC which starts propagating on a network and encrypting stuff. If the PC is a server, or the schmoe had access to servers, well, that's what gets encrypted and a sh*tstorm ensues, like the one Garmin is enjoying at the moment. It's actually harder and takes way longer to suck all of the data back out to the attacker or browse around looking for data gold -- when a few-kilobyte virus can get them immediate profit by wreaking this sort of havoc. Who has time to steal terabytes of data these days? :D
 
Ruh roh.

https://www.bleepingcomputer.com/ne...-by-confirmed-wastedlocker-ransomware-attack/

"A source close to the Garmin incident response with first-hand information has confirmed to BleepingComputer that Garmin was attacked by the WastedLocker ransomware...

Evil Corp (WastedLocker) ... a Russian-based cybercriminal group ... was sanctioned by the U.S. Treasury Department in December 2019 after being charged for using Dridex to cause more than $100 million in financial damages.

Due to this, it is a tricky situation for Garm
in if they want to pay the ransom as they would potentially be violating United States sanctions."

 
I guess they're finding out if their backup plan was any good.

BTW, I first got the outage notice on a Garmin fitness tracker app. I can still read my stuff on the tracker's built-in display; just can't upload it to the app.
 
It appears to be up now, I can log in and apparently do an update(don't have my cards handy so I can't try).
 
Not working for me. I get far enough to launch flyGarmin on windows (an improvement from yesterday) but I then get one of a couple of different errors suggesting a communication issue talking to Garmin.


Sent from my iPhone using Tapatalk
 
well I figured fk it and opened GP on my iphone. apparently it updated to the latest version and everything seemed to work fine. then I opened flygarmin and that seems to be working as well. shortly after that, the russians knocked on my door and said 'we have ways of making you talk' (in those Ivan Drago accents they all have).
 
These types of ransomware attacks are less about the personal data and more about interrupting Garmin’s ability to do business. If they cannot recover quickly enough it’s possible some c-Suite person will look at the numbers, revenue loss vs ransom, and just say pay it. At least that’s what the cybercrimInals are hoping for.
 
These types of ransomware attacks are less about the personal data and more about interrupting Garmin’s ability to do business. If they cannot recover quickly enough it’s possible some c-Suite person will look at the numbers, revenue loss vs ransom, and just say pay it. At least that’s what the cybercrimInals are hoping for.

There’s documented cases of both just wanting the money and also collecting the data. It’s not an either/or thing. Can be both.

Once you’re in there and went to the trouble, sending data out is just icing on the cake.
 
I have never figured out why ransomware never occurs as a timebomb.
They could have it so that it quietly infects all data including backups.
Right now I have only read about it infecting the data soon after infection.
Once the virus is in, it is not long before they are asking for payment.
BUT, many companies have a backup from an hour ago, or a day ago, or a week ago - and these backups do not seem to become infected...so some of these affected companies can do a wipe & reinstall, keep on trucking.
If the ransomware thieves got smart they would make it hangout quietly for a while then 'explode' a week later, after everything was infected making it impossible to wipe & reinstall.
 
Hmm, wonder if this is why my Garmin connect app isn't working. Kinda sucks to go on a run and not be able to see/track my running stats.
 
I have never figured out why ransomware never occurs as a timebomb.
They could have it so that it quietly infects all data including backups.
Right now I have only read about it infecting the data soon after infection.
Once the virus is in, it is not long before they are asking for payment.
BUT, many companies have a backup from an hour ago, or a day ago, or a week ago - and these backups do not seem to become infected...so some of these affected companies can do a wipe & reinstall, keep on trucking.
If the ransomware thieves got smart they would make it hangout quietly for a while then 'explode' a week later, after everything was infected making it impossible to wipe & reinstall.

Thanking you for the tip. Love, Ivan.

I think these guys are more of the "You'll pay me Tuesday for a Hamburger today types." With due regard to Whimpy of course.

Edit - added bastardized Whimpy quote.
 
I flew today. somehow I made it there and back. used GP on my tablet. checked flygarmin, the flight is there. downloaded a few updates to both phone and tablet. all is right in the world.
 
My Garmin watch still can't upload to the app. My workout data is probably a lower priority to restore than the pilot apps.
 
Thanking you for the tip. Love, Ivan.
These guys are not stupid; Im baffled why they haven’t done this already.
I know <0 about IT but Im sure this would be easy.

OTOH maybe there is something else about their virus that makes it unnecessary. If a large company with huge investments in software like Garmin can’t recover in a few hours (without paying)... that must be a sumbitch virus.
 
Garmin's outage, ransomware attack response lacking as earnings loom
Garmin's response to a cyberattack has been less than stellar, but earnings loom and Wall Street will want answers just as much as customers do.

https://www.zdnet.com/article/garmins-outage-ransomware-attack-response-lacking-as-earnings-loom/

Excerpt:

Garmin's long-running outage is a case study in how not to handle an IT meltdown and cybersecurity attack and may indicate a longer recovery than expected.

You can almost smell the panic as Garmin deals with a ransomware attack that has brought down numerous systems including Garmin Connect, the software that holds data on your runs, workouts and activities as well as production systems and call centers.
 
Would hate to be their IT person... :)
 
Has anyone tried to update their GTN750 from a Mac download since this started?
 
Im a little bit shocked and disappointed a company like Garmin could succumb to something like this. I expected them to be a bit more on the ball.
 
Im a little bit shocked and disappointed a company like Garmin could succumb to something like this. I expected them to be a bit more on the ball.

Garmin has to protect against all possible attacks. Attackers only need to find one unprotected way in. Or pay someone for a password, or....

Now, imagine you're Netjets or similar. You have jets due for a database update today or maybe (?) they can't legally perform their mission. Yikes.
 
Back
Top