Surprised there wasn’t already a thread for this. For the last couple of days (since Thursday) my fitness watch (an old vivoactive HR) hasn’t been able to connect to the Garmin Connnect app on my phone, and it appears to be due to a ransomware attack:
I’ve read in other stories that not only fitness apps and such have been affected but FAA-required GPS units in some planes as well?
I’ve been following this closely. I have a Garmin Vivoactive 3 smartwatch. One thing I’m intensely happy about right now is that I picked this watch because it was more of a watch with smarts, so this outage has been pretty invisible to me. I only noticed because I wanted to see how well I slept the other night and sleep stats weren’t available (I think they use the cloud for analysis of night time movement patterns). Other then that everything else has been working just fine, at least in how I use it.
I can still track my workouts, I just can’t post them online lol.
I’m sure Garmin has backups, but this seems extremely targeted so I can’t imagine the difficulty of isolating it and bringing things back-on without a reinfection.
I don’t suppose you can upload other files from your watch directly to Strava besides the .fit excercise activity files, right? I can’t see sleep, or estimated calories consumed daily etc. till this outage goes away if ever. Even the activity files don’t show heart rate data.
I honestly don’t know. I’ve read online that you can grab some data off the watch by connecting it to the computer, but some watches make that easier or harder. I haven’t looked into the details cause I don’t do that stuff even when the cloud is online :P
Hard to believe that Garmin developed a system that has no worst-case scenario options for this. Shouldn’t they at least be able to wipe their systems to zero then restore them with a known-good backup?
I think you are underestimating how long it would take to shut down and wipe every single server and computer system every employee uses across all their networks, and to make sure which backups are safe from the ransomware and which ones aren’t.
If they bring one backup or computer online prematurely without isolating it in the network it could re-infect everything and bring things back down again.
Its annoying since I can’t do any of my weekly tracking in the app, since I can’t even load my local copy. It crashes after it leaves the loading screen.
Like I said, worst-case scenario. Right now their products don’t work. So either they pay these hackers $10 million to maybe get them working again, for now, or they wipe everything. I mean they’re going to have to do it anyway or these guys are going to shut them down again eventually.
96 percent of organizations that paid the ransom received a decryption tool from the hackers.
Essentially the likelihood is high because they all know if they get a reputation of taking the money and running then that 40% that pay the ransom goes down to zero.
Good to hear, thanks for the update. While it sucked for us normal people, I wonder how much this is going to cost them on the aviation side of things? They can’t afford down time I am sure.
I heard on some podcast years ago an expert was saying these companies don’t invest enough on security of their networks. Just enough to get by. If that was the case here, I am hoping they learned their lesson.
I can’t see how they got funds to Evil Corp without any Western bank noticing, and no Western bank will facilitate that payment. Perhaps one of Garmins Russian subsidiaries has accounts at a Russian bank.
Now OFAC know they will be knocking on Garmins banks door for more info. I expect we’ll see some kind of settlement with the US Treasury a few years down the line, adding to Garmins costs.
Got a message from an Amazon delivery person that they couldn’t locate my apartment building and asked for directions. It struck me as absolutely bizarre as they’ve been delivering boxes for years, but then I remembered this thread. sigh