Garmin Services and Production Shut Down After Ransomware Attack

On July 23, Garmin, a company well known for its activity trackers, smartwatches, and various devices for athletes, announced a major disruption of the Garmin Connect system, which powers mobile apps and is responsible for syncing user data. As a result of the failure, all of the company's online services were unavailable worldwide. At the time of writing of this article, Garmin services remain unavailable.

Downdetector data on Garmin as of July 24, 2020

The failure also affected the Garmin technical support call center, leaving users without a primary communication channel.

The reasons for the failure are not disclosed in official channels, but on social media, Garmin employees reported that hackers attacked Garmin, and it had to deal with a ransomware attack that has encrypted its internal network and some production systems.

It is also reported that hackers shut down not only the Garmin Connect service but also some production lines in Asia and flyGarmin, Garmin's web service that supports the company's line of aviation navigational equipment.

Downdetector data on Garmin as of July 24, 2020

Due to this outage, pilots faced with many problems. Pilots always need to run an up-to-date version of the database on their navigation devices as an FAA requirement. Now they can't download a version of Garmin's aviation database on their Garmin airplane navigational systems, so they can't schedule and plan flights.

It is estimated that it will take Garmin at least two days to fix everything.

Some Garmin employees attributed the outage to an attack by the WastedLocker ransomware virus, but there is no confirmation of this information.

The first mentions of the WastedLocker virus appeared in Fox-IT and Malwarebytes reports in July 2020. Then it was said that it was created by a team of hackers called Evil Corp, which is associated with the Russian special services. This virus creates encrypted files with the victim organization's name with the postscript "wasted," demanding a ransom from $500,000 to $10 million in bitcoins.