Garmin Connect Service Taken Offline Following Ransomware Attack

Garmin has been hit by a ransomware attack that encrypted the smartwatch maker's internal servers, forcing it to shut down its call centers, website, and the Garmin Connect service, which users rely on to sync their activity via the mobile app.

garmin outage

Image: Victor Gevers

In messages shared on Twitter, the company apologized to users and gave details on the extent of the forced shutdown.

The attack also affected Garmin's aviation database service, flyGarmin, which supports aviation navigational equipment, and some production lines in Asia, according to ZDnet.com.

Officially, Garmin has not referred to the outage as the result of a ransomware attack, but company employees have since taken to Twitter and described it as such.


Taiwanese tech news site IThome published an internal memo from Garmin's IT department to its Taiwan-based factories announcing two days of maintenance on Friday and Saturday, which sources told the website was down to a "virus."

(Via The Guardian.)

Tag: Garmin

Top Rated Comments

nwcs Avatar
35 months ago
It is the squirrel and bird feeder problem. If the squirrel wants to get the food it will spend as much time as it takes to foil whatever you setup as defenses. The squirrel also has a lot more time than you do to figure it out. Security is the same thing. The criminals simply have more time and motivation to breach the defenses.

They’re either paid by the state or doing it for some “cause” where companies have to actually be profitable and pay people. And doing full security on a large scale is simply difficult and expensive. You have layers of issues to deal with from hardware to software to wetware (people). Like with Twitter’s recent security issue, all it takes is one rogue employee (whether enticed or coerced) in the right place to thwart even the best security.

This should provide a warning for people that as we put more faith in online services and governments move to weaken security measures in the name of providing “security to the people” this puts the companies at a big disadvantage and these incidents will only get worse until something forces the industry to change in one form or another.
Score: 17 Votes (Like | Disagree)
minimo3 Avatar
35 months ago
You can spend tens of millions and hire the top security folks to implement the most sophisticated WAFs, patch all your servers, run static and dynamic scans, train your developers to write secure code to prevent XSS, SQL injection, pay a CDN to prevent DDOS, install IDS, but all it takes is 1 employee to click on an email attachment that looks legit (eg the FROM field lists the CFO) and their workstation can be compromised. From there the attacker can harvest their network domain password which probably has SSO across multiple systems and then slowly escalate their way to find privileged access to a critical system. So you might think that you could prevent this by eliminating any internet access for all employees - airwall. Even then its not secure, the Stuxnet worm was introduced into an Iranian nuclear reactor by someone plugging in a USB stick. So really the only way to secure your company is not to have any systems connected to the internet (you correspond with them via the postal service or Fax/telephone) and superglue shut all the USB ports, dvd drives, as well as disable Bluetooth, WiFi. Kinda hard to work like that though
Score: 11 Votes (Like | Disagree)
hortod1 Avatar
35 months ago

This is worrisome. Garmin is huge in the aviation industry. Thousands of pilots rely on their navigation equipment. Let's hope that side of their business is better protected.
Was just going to say the same thing. An outage of fitness products is an inconvenience. An outage of aviation products is a matter of flight safety.
Score: 9 Votes (Like | Disagree)
GeoStructural Avatar
35 months ago
Cybersecurity has never been so prevalent and important. Many companies have a hard time recruiting capable people in a field that is ever changing and the most talented minds are usually not interested in that kind of job.

This is also a testament that you should not trust your data or your service rely on the infrastructure of any company... Garmin is a large enterprise and even them can suffer these attacks, I remember recently an app bugging me to use their cloud client, definitely not! I use OneDrive as main service, iCloud as backup and an old school SSD hard drive just in case.
Score: 8 Votes (Like | Disagree)
nikon1 Avatar
35 months ago
When are businesses that are so internet dependent going to learn just how important security is, not only to their business but to their customers as well. It seems like many businesses consider connected security as just an afterthought, a “cost center that reduces their profitability” as opposed to a core cost to maintaining their business and customers security.

While I realize this sounds like a “Monday morning quarterback” comment, it doesn’t make it any less crucial.
Score: 7 Votes (Like | Disagree)
MacLawyer Avatar
35 months ago
This is worrisome. Garmin is huge in the aviation industry. Thousands of pilots rely on their navigation equipment. Let's hope that side of their business is better protected.
Score: 7 Votes (Like | Disagree)

Popular Stories

iPhone 15 Pro Buttons CAD Leak

iPhone 15 Pro Low-Energy Chip to Allow Solid-State Buttons to Work When Device is Off or Out of Battery

Wednesday March 29, 2023 1:54 am PDT by
The iPhone 15 Pro and Pro Max will use a new ultra-low energy microprocessor allowing certain features like the new capacitive solid-state buttons to remain functional even when the handset is powered off or the battery has run out, according to a source that shared details on the MacRumors forums. CAD-based render of new solid-state buttons on iPhone 15 Pro models The source of this rumor is ...
maxresdefault

Apple Announces WWDC 2023 Event Taking Place June 5 to 9

Wednesday March 29, 2023 9:58 am PDT by
Apple today announced that its 34th annual Worldwide Developers Conference will take place from Monday, June 5 to Friday, June 9. Like WWDC 2020, 2021, and 2022, WWDC 2023 will be an online event for the most part, and it will be open to all developers at no cost. Subscribe to the MacRumors YouTube channel for more videos. Apple will provide online sessions and labs, which will allow...
iPhone 15 Pro Multi Purpose button Mute Switch Feature Green 2

iPhone 15 Pro Rumored to Feature Multi-Use Action Button Instead of Mute Switch

Wednesday March 29, 2023 7:28 am PDT by
iPhone 15 Pro and iPhone 15 Pro Max models are rumored to feature a customizable Action button like the Apple Watch Ultra, according to a MacRumors forum member who leaked accurate details about the Dynamic Island on iPhone 14 Pro models last year. The source claimed the Action button will replace the Ring/Silent switch that has been included on every iPhone model since 2007. They did not...
iOS 16

Apple Releases iOS 16.4 With New Emoji, Safari Web Push Notifications, Beta Changes, Voice Isolation for Calls and More

Monday March 27, 2023 10:03 am PDT by
Apple today released iOS 16.4, the fourth major update to the iOS 16 operating system that initially came out last September. iOS 16.4 comes two months after the launch of iOS 16.3, an update that added Security Keys for Apple ID. iOS 16‌.4 and iPadOS 16.4 can be downloaded on eligible iPhones and iPads over-the-air by going to Settings > General > Software Update. It can take a few minutes...
Apple Music Classical

Apple Explains Why It Launched an iPhone App Dedicated to Classical Music

Monday March 27, 2023 8:54 pm PDT by
Apple today published a support document explaining why it decided to release a standalone Apple Music Classical app for classical music. In short, Apple says the app was designed to support classical music's complex metadata:Classical music is different. It has longer and more detailed titles, multiple artists for each work, and hundreds of recordings of well-known pieces. The Apple Music...
iOS 16

Apple Seeds First Betas of iOS 16.5 and iPadOS 16.5

Tuesday March 28, 2023 10:15 am PDT by
Apple today seeded the first betas of upcoming iOS 16.5 and iPadOS 16.5 updates to developers for testing purposes, with the software coming a day after the launch of iOS 16.4 and iPadOS 16.4. Registered developers can opt in to the betas by opening up the Settings app, going to Software Update, tapping on the "Beta Updates" option and toggling on the iOS 16 Developer Beta. Note that an...
home upgrade available feature

PSA: Apple Has Made Its New Home Architecture Update Available Again

Tuesday March 28, 2023 1:50 am PDT by
Apple has made the option to upgrade to new Home architecture available again with the release of iOS 16.4, iPadOS 16.4, and macOS Ventura 13.3, after it temporarily pulled the update in December. After updating Apple devices to the latest software, users can once again opt to upgrade any homes set up in the Home app to the new Home architecture, which Apple says brings faster, more reliable ...