Garmin has been hacked: No syncing your devices today....

Thu, Jul  23, 2020 - By Mike Muha

You're going to have to delay syncing your Garmin devices today...and maybe for the next several days: Garmin's been hacked. If you try to sync with Garmin Connect or go to the Garmin web site, you get messages that "We are experiencing an outage..." The outage is not only affecting your devices (I have three!) but Garmin can't receive calls, emails, or online chats at their call centers either.

ZDNet reports that Garmin has been subject to a ransomware attack. Ransomware is malware that encrypts a victim's files. The ransomeware software demands payment from the victim, promising to restore the files after payment has been made. Most ransomware is designed to spread through a network of computers, infecting those other computers and encrypting those files as well.

As of Thursday July 23 at 4:00pm EDST, No official word of a ransomware attack has come from Garmin, but Garmin employees have shared details over social media. The attack appears to have happened at 11:00pm on Wednesday, July 22.

Garmin has a couple of options. First, they can pay the ransomware and get the key to unlock the their files. There are potential problems with this: (1) the hacker may take the money and run, never providing the key or (2) the encryption and decryption software used by the hacker is so poorly written that that key may only decrypt some or some parts of the files.

The second option is ignore the ransom, wipe all the computer disks (to get rid of the malware) and restore from backups. This is a long process if you're dealing with hundreds or thousands of computers.

Social media around this have been a mix of anger, condolences, and fun...including this gem:

I hope they recover quickly because I need to upload my bike and rollerski workouts!