By the CyberWire staff
Garmin confirms ransomware attack.
US-based GPS company Garmin sustained a ransomware attack on July 23rd that knocked most of its services offline for five days, Ars Technica reports. The company confirmed the attack on Monday, stating that "many of our online services were interrupted including website functions, customer support, customer facing applications, and company communications....We have no indication that any customer data, including payment information from Garmin Pay, was accessed, lost or stolen. Additionally, the functionality of Garmin products was not affected, other than the ability to access online services. Affected systems are being restored and we expect to return to normal operation over the next few days."
BleepingComputer and TechCrunch reported that the attack involved WastedLocker, a new strain of ransomware operated by the Evil Corp cybercriminal gang (which was sanctioned by the US Treasury Department late last year). Some reports claimed the criminals demanded a $10 million ransom, according to the BBC. Sky News cites sources as saying Garmin was able to obtain the decryption key but "did not directly make a payment to the hackers," leading to speculation that the company may have paid the ransom through a third party. Garmin didn't respond to these claims, telling Sky News that the company "does not comment on rumour and speculation."