Garmin’s services have partially returned after going offline in an alleged cyber-attack on July 23. The American GPS and fitness-tracker company is currently dealing with the fallout after a system failure left individuals frustrated and unable to log their data.
The outage affected individuals around the globe. The alleged cyber-attack prevented users from accessing online information and uploading their health and fitness data. Some of Garmin’s support systems were also unavailable.
“We are currently experiencing an outage that affects Garmin.com and Garmin Connect. This outage also affects our call centers, and we are currently unable to receive any calls, emails, or online chats. We are working to resolve this issue as quickly as possible and apologize for this inconvenience,” the company announced on its Twitter account
Garmin Connect is the company’s fitness-tracking app that allows users to track their health data and connect with friends. The alleged attack locked users out of the service until Garmin was able to partially restore the app on July 27.
The outage also affected apps that use Garmin to track run times. Many avid runners are replacing races canceled due to COVID-19 with competition through fitness technology. Without being able to submit their tracking data, they were unable to receive their rankings.
FlyGarmin, which provides navigational support services for pilots, was also unavailable. Pilots who used the Garmin service were unable to download accurate aviation databases. Pilots are required to have these databases by aviation regulators before they can fly.
Multiple outlets, including the BBC, reported that the service outage was due to a ransomware attack on Garmin.
Ransomware is a type of malware that encrypts a victim’s files. The attacker can then demand ransom in order to restore the victim’s access to the data after completion of payment.
Reports claim that the attackers asked Garmin to pay $10 million for the restoration of its systems.
WastedLocker malware is a relatively new form of malware associated with a specific cybercrime group known as Evil Corp. Evil Corp is known to primarily target U.S.-based businesses.
In June 2020, Symantec announced an attack on at least 31 of its customers by malware associated with Evil Corp. The company noted that eight of the companies targeted were Fortune 500 companies. Symantec did not release any specific company names.
The U.S. Treasury Department also sanctioned Evil Corp in Dec. of 2019 for using their Dridex malware to harvest banking credentials and steal more than $100 million.
On July 25, Garmin released a statement saying it has “no indication that this outage has affected (user) data, including activity, payment, or other personal information.”
As of July 27, users reported that Garmin systems appeared to be partially working again. Garmin released an email to its users stating it would no longer respond to questions about delayed uploads to its servers.
The company claims that “most of the issues will resolve themselves.” Warnings issued to users of the service warned that the delays might last a week, or potentially longer due to the backlog.
Garmin services are not fully restored as of July 27, but Garmin has made progress in restoring many of the Garmin Connect features.