Ransomware and the Garmin Outage

Steve

Those in the sporting community know Garmin as the leading supplier of sports tracking devices. Their website, "Garmin Connect," is an essential part of that service. It allows its customers to track their activities, organise their training plans and share their stats. We're keen runners at Backup Machine and use Garmin watches to keep us on our toes.

But this is not a story about how to get fit during a pandemic; rather, it's about the fact that Garmin Connect is, at the time of writing, dead.

Garmin Connect is down

So what has happened?

Garmin has remained offline for 24 hours without issuing an update about what's going on, but various news outlets have suggested that it has been hit by a ransomware attack.

What's Ransomware?

Ransomware is a nasty type of virus. It infects a computer and often tries to infect all the computers in a network - in this case, Garmin's datacenter. Once it's there, the attacker chooses when to activate their dastardly plan, whereupon it encrypts the hard drives of those servers and the computers become inaccessible.

As the name of the attack suggests, this is when the attacker demands a ransom to make the computers work again.

What can be done?

Well, the best solution is obviously to have a backup of your computers that isn't held on the computer itself. We've talked before about how some backup systems just store data on the computer they've backed up - or remain attached to the computer (such as on a USB hard disk). Unfortunately, those backups won't be useful if they are also attacked by the virus.

What should Garmin do?

Well, this is a tricky one, as we don't know what their backup policy is like, nor do we have confirmation that they have been struck by ransomware. However, the best thing to do is restore everything from a backup.

Now, this is usually easy if you've got a website backed up with Backup Machine - but it can be a huge challenge if you've got myriad services and systems spread across the cloud.

One thing seems clear, though: paying ransomware attackers in the hope of getting your systems back online shouldn't let you sleep easy until you close the security vulnerabilities that let them get in. There have been several high-profile ransomware attacks in the last few years, such as the one on Baltimore's government computer systems in 2019, and the one on Atlanta's the year before. And in these desperate economic times, we can only expect them to occur more frequently. Repeat attacks aren't unheard of, even once you've paid up - so make sure you protect yourself with a decent offsite backup policy.

We sincerely hope Garmin can sort this out; they must be having a very stressful time.

July 24, 2020, 6:32 p.m.