Garmin held ransom for $10 million in cyberattack
https://www.forbes.com/sites/barrycollins/2020/07…
Barry CollinsContributor
Consumer Tech
"Garmin is reportedly being asked to pay a $10 million ransom to free its systems from a cyberattack that has taken down many of its services for two days.
The navigation company was hit by a ransomware attack on Thursday, leaving customers unable to log fitness sessions in Garmin apps and pilots unable to download flight plans for aircraft navigation systems, among other problems. The company’s communication systems have also been taken offline, leaving it unable to respond to disgruntled customers.
Garmin employees have told BleepingComputer that the company was struck down by the WastedLocker ransomware. Screenshots sent to BleepingComputer show long lists of the company’s files encrypted by the malware, with a ransom note attached to each file."
The ransom note tells the recipient to email one of two email addresses to “get a price for your data”. That price, Garmin’s sources have told BleepingComputer, is $10 million."
Isaiah_53_5, hey, look at the bright side, at least you didn't get a ton of monkey shit thrown at you...here is my best guess on threads that might be helpful:
Fingers crossed that one of those helps you.
Playboy Russian hacker holds Garmin to ransom: Lamborghini driving 33-year-old who runs 'EVIL CORP' and has $5m FBI bounty on his head has crippled the firm with millions of users for fifth day - and wants $10m to restore it
https://www.dailymail.co.uk/news/article-8562805/Will-Garmin-pay-10-Mil…
Bad look for the company. They should've been able to wipe their hard drives clean and restore their data from offline backups. But they didn't make backups, and now the only way to get their files back is to pay. .
The forensic IT guy I talked to during our encounter said to NEVER PAY. Do you really think an anonymous thief will play fair? That $10M just became $20M after the first payment.
I mean of course there's the whole "We don't negotiate with terrorists" approach, but at the end of the day a few millions of $ isn't much compared to the dramatic loss of revenue that would ensue if the company were to lose access to its customer database and other critical files. That's why IT experts tend to tell companies not to pay, but companies still pay because if they don't they'll lose way more than 10 millions. There are even consultants specialized in helping companies pay such ransoms.
The example you posted below is not particularly relevant, because you assume that the FBI is indeed able to arrest the thief. Large-scale ransomwares, such as the one targeting Garmin, are operated by professionals who know how to avoid leaving traces (no black magic honestly, the kid in your story was just dumb as rock). In most cases, there's no way to find the author of the ransomware and obtain from him the key to decrypt the files.
Increasing the ransom after a first payment is also a proof of total amateurism, because it is strategically non-optimal: if this behavior were generalized, companies wouldn't pay at all, and people behind those ransomwares wouldn't make any money at all. I've actually read if I remember correctly an article written by security researchers saying that something like 70-80% of all ransomwares actually allowed infected victims to decrypt their files once the payment was made.
Beatae magni quo repellendus unde iusto. Nisi recusandae eos alias. At id blanditiis ipsa corporis.
Totam sit hic consequatur inventore quia voluptate voluptates non. Id est illo temporibus provident expedita. Dolorem aut eum perspiciatis perspiciatis perspiciatis. Et aperiam odit assumenda soluta quia magni neque vitae. Consequatur nihil aspernatur veniam perspiciatis cum.
See All Comments - 100% Free
WSO depends on everyone being able to pitch in when they know something. Unlock with your email and get bonus: 6 financial modeling lessons free ($199 value)
or Unlock with your social account...
Optio sit repellat fuga perferendis consectetur accusamus. Id et ea beatae adipisci id impedit fugit. Eum dolor quia quas qui voluptatibus. Doloribus dolor quis eos alias quis sunt est. Aliquid quibusdam fuga recusandae maiores voluptatibus ratione occaecati. Et expedita vel aut voluptatem labore.
Ut minus quia error rem alias facilis quam. Qui velit laborum esse voluptatem et pariatur. Eum ut omnis fuga mollitia veritatis doloremque debitis eligendi.
Eligendi et saepe eius. Reprehenderit id alias qui et. Sed nobis optio illum eligendi corrupti. Odio laudantium quo neque reprehenderit. Veniam perferendis harum aut. Soluta et vel mollitia molestiae quod. Magnam culpa tempore accusantium sint adipisci animi aut voluptas. Quam deserunt eum ducimus vero beatae deserunt.
Maxime et molestiae cum. Eius eos quos fugit sunt et quibusdam quam.