Cyber Attack : Garmin paid ransom to restart online services
In July 2020 Garmin was the victim of a computer attack. In order not to see her business paralyzed and collapse, she gave in to the demands of cyber criminals. A large sum of money had been paid to the cyber criminals to regain access on the operating systems.
Garmin suffered a computer attack that affected “Garmin.com and Garmin Connect” and its call centers during the month of July. The GPS navigation specialist had confirmed on 23 July that it had been the victim of a cyber attack, without giving further details. A few days later his services suddenly resumed without any explanation being given.
A ransom that would represent several million dollars
According to sky news, Garmin paid his cyber criminals several million dollars via a third party company called Arete Incident Response to be able to regain access to his files and systems.
If Garmin preferred to keep silent on this case, several computer security researchers have claimed that it was the WastedLocker ransomware.
Ransomware is malware that paralyzes a system by encrypting all files on it.
In order to return the data decryption keys to the victims, cybercriminals demand ransoms payable only in virtual currency (cryptography, Bitcoins).
Where does the WastedLocker come from?
It’s malware developed by a Russian cyber crime group known as Evil Corp. The U.S. Treasury Department, suspecting Evil Corp of being responsible for the development and distribution of Dridex malware, sanctioned the group last year, Sky News reported. Such a sanction is often accompanied by a ban on US companies from doing business with the sanctioned entity.
However, the day after the cyber attack on Garmin, Arete Incident Response published a study stating that the link between WastedLocker and Evil Corp was not established. A small hint that the ransom should be paid even though the two companies did not wish to comment on the matter.
Source: Usine du digital