Garmin Entirely Shutdown: Hack & Ransomeware Attack Strongly Suspected
Don’t panic, it wasn’t something you said on the Garmin forums that got you a lifetime ban. Garmin is well and truly down and, according to ZDNET “…since the incident took root earlier today, at around 03:00 am UTC, several Garmin employees took to social media to share details about the attack, all calling it a ransomware attack.“
You have probably noticed that you cannot upload your workouts to either Garmin Connect on your smartphone or to Garmin Connect online via the Garmin Express software. That’s because the online data platform is closed for “”” maintenance “””. I just thought I’d add the extra speech marks there because it’s patently untrue that this is scheduled maintenance.
If you go to Garmin.com and try to buy something then you will also find that you are unable to do that and when a company doesn’t let you buy their stuff that’s really serious. Poor customer service is one thing but not taking money is just plain bad for the share price. There’s no point in calling the call centre because that’s down as well – that’s possibly NOT affected by whatever is doing the affecting and Garmin has just shut external calls off for a while to avoid having to answer the same question time after time.
If Garmin has been hacked and is currently assembling LOTS of Bitcoin for a soon-to-be-very-rich Russian computer nerd then I’d be VERY surprised. But even having said that it is strange that Garmin has been down already for many hours – since before 6 am UK time (edit 18 hours later…. Ouch. Oops. Oh dear).
Are there ANY parts of the service still running? Let’s take a look…nope
Actually that’s not entirely true. Eagle-eyed readers will note that some Garmin regional sites are still up and running such as Garmin Singapore.
Other reports from a leaked Garmin Taiwan memo suggest that the hack may have originated in that country. It’s possible the shutdown could be a precautionary measure against any such hack.
Forbes reports that the ransomware is EvilCorp’s WastedLocker, which primarily targets US-based corporations from Russian-based groups. Russia and China are clearly the current ‘official enemies’ but if the attack first happened at Garmin Taiwan then China might be a more obvious one to blame – remember that Taiwan IS an independent country but China dispute that and claim it as their own (source: BBC).
What I expect will happen: Garmin will revert back to one of their many enterprise-scale backups and their world of sports stats will gradually be switched on region-by-region. You won’t lose any data. In fact, all you will lose is your patience as it will take a few days. There will be a digital apology but you won’t be offered a meaningfully free voucher for anything worth having.
Interesting Footnote: The recent TWITTER hack that saw multiple postings of a Bitcoin scam on the accounts of famous/verified tweeters demonstrated that there is CLEARLY a level of security over and above what we implement as users ie, in that case, something which Twitter could override. So YOU can be as secure as YOU want to but there are methods of access to your account beyond your control that can also be hacked – I’m assuming that’s possibly true at Garmin too.
Interesting Footnote: the UK government alone can fine companies millions of dollars (pounds) for the breach of customer data and I’d imagine the same is true in other localities around the world. However, I would not expect Garmin to face the maximum fine as I would doubt very much that they have been either complacent or negligent in their handling of your data. Bad stuff sometimes happens. Even if Garmin were fined tens of millions of dollars they could afford it. Garmin’s share price fell today; however, the fall is in line with the fall in the market and so probably is not related to this incident.
WORKAROUND: It is possible to attach many Garmin devices to a computer and manually move the FIT file from the Garmin\activities folder to wherever you want it. Similarly, you can upload that same file manually to STRAVA if that’s where you want it to go. You know what to do.
The folder is not always in quite the same place on all models and on older models you will find a copy of your data in a Garmin Express folder on your computer.
Support this site with purchases at these partners - should click to a local choice in your country
Actually, according to Garmin:
“We are currently experiencing an outage that affects Garmin.com and Garmin Connect. This outage also affects our call centers, and we are currently unable to receive any calls, emails or online chats. We are working to resolve this issue as quickly as possible and apologize for this inconvenience.”
Ouch.
i saw that, thank you for posting it.
it begs the question: how possibly can garmin connect be linked to a call centre working? Then, as I said above, how can these possibly be linked to the online sales system not working? I think there is more to this than meets the eye.
It’s still down for me. Beginning to look more like a worse case scenario (user data compromised) situation.
About a week ago, some people were complaining on Reddit about being unable to upload activities. That was fixed quickly but it makes you wonder.
Maybe that nerd will be rich after all!
https://www.zdnet.com/article/garmin-services-and-production-go-down-after-ransomware-attack/
Garmin services and production go down after ransomware attack
Smartwatch and wearable maker Garmin planning multi-day maintenance window to deal with ransomware incident.
blimey.
well this indicate like many other internet companies, they lack of true multiplayer defense like multi factor authentication, real time security monitoring etc. none the less basics separation layers within production and other business critical environments, it just take one negligent employee to infect complete enterprise. Well we would need to wait for all those synchronization services to partner apps to work.(important to me :-)) of-course hopefully everything is restored.
the IT and Security guys might be under tremendous pressure….
‘might’…
heads will roll
its a 0 day attack. Several other companies are starting to see this as of the 10th and it is increasing. Somehow it is infecting backup’s and deleting them, and also taking down Domain controllers.
The point is: I‘ve never trusted Garmin. Bad software. And what about Garmin pay? Security?
Better to use my Apple Watch for these things. At least I am trusting Apple that they spend lots of money for making it secure
probably a fair generalisation.
Garmin Pay seems ok to me. then again, i use a ‘special’ account with it that hasn’t got too much money in (just in case)
oh dear
reader fyi: zero-day attack: https://us.norton.com/internetsecurity-emerging-threats-how-do-zero-day-vulnerabilities-work-30sectech.html
We’re going into day two of the this shutdown. I can only imagine what their security team is going through.
But, just as a suggestion for the future…
Why hasn’t Garmin implemented a device-side load for data? Just a bit of phone side storage set aside (user determines how much GB to set aside) for times when the servers are down. That way user logs are stored there and then released to the servers once they’re back up and running.
They do server maintenance from time to time why not have it in a temp folder so users have workouts and metrics update within the app on their end and the data will flow out once it’s ok to do so.
This has always been my biggest gripe with Garmin: No foresight and having the sense to invest in intuitive design. Just hire intuitive-minded people to find those places for improvement and do it. Nah, they’re more worried about rushing the next botched beta update out.
maybe.
if people who visit this site get all their sports data (eventually) in the right place then the fact that most of us have short memories will work in Garmin’s favour.
HOWEVER, my understanding is that there might be an issue with activity data not being sufficiently cached on the watches if this goes on too long. so we/others might start to lose some sleep/steps kinda data. i’m not 100% sure on that (it doesn’t sound right) but that would be my fear.
I have been resolute in saying that I always use the usb cable for data uploads of my OWN data. Now I think I have been vindicated in my partial mistrust of too much automation of ‘important’ stuff like uploads over ble or wifi
I kind of live by the day-to-day info, but what I meant wasn’t to cache the info on the watch; pass it that data into the app and store it on the phone/tablet/whatever until the servers come back up. Right now the only passthrough info the app is receiving from my F6Pro is:
-HR reading in real time
-Steps
-Stairs
-Calories (not through MFP)
These are updating in real time inside the app. Everything else (activities, Load, Sleep, Intensity minutes), are flat. Why couldn’t they implement a “offline line mode?”
I’ve said this here, and the forums, and even to reps: Garmin is not intuitive and that weakness is why their entire platform is riddled with holes. Hire people to fill those holes and stop just putting a band-aid over them.
I don’t even care that much about uploads. I’ve got advanced workouts that I’ve programmed and can’t access. Bad enough the VA3 stopped being able to download through Connect unless scheduled on the calendar which is also inaccessible
eesh
maybe check if some are downloaded to your calendar for a couple of days in the future (I thought they were?)
No, the whole calendar portion of the app is down. You would think user created advanced workouts and the calendar would work at least, but everything is tanked.
Not that I’m a regular Strava user, but my friend noted I had a run uploaded during the crash. Most likely from my Stryd.
ok
i think there are workarounds if the ultiamte source of the workout files is NOT Garmin Connect eg training peaks/finalsurge. from there you should be able to download the workout file and place it in the correct directory on your watch but if you can’t get the source then you’ll have to improvise.
No joy. The workouts were solely my creation. Now, I’m starting to worry that they’ve lost them entirely. Some of these were strength training workouts I created.
I do greatly appreciate the replies and the attempt to help. This was one of my worries when Garmin switched to the Connect platform from the Training Center. And yes, I am old, LoL. I was rocking a FR305 before switching to the VA3.
Well at least it looks like they didn’t lose my custom created workouts. Still can’t sync them to the watch though.
Like many have commented on the reviews in the Google Play store, the inability to sync custom workouts to your watch without connection to the Garmin servers is a stupid design.
Looks like things are coming back as I was able to access the Garmin Connect website this morning. Haven’t done any watch syncing yet but hopefully that’s back also or soon will be.
Still can’t sync.