
Will Garmin pay $10m to end outage? - sna1l
https://www.forbes.com/sites/barrycollins/2020/07/25/will-garmin-pay-10m-ransom-to-end-two-day-outage/#5558b0a53164
======
aurizon
Has this attack group been in position for a long time, so they have had time
to deal with all levels of backup by poisoning them in transit, so Garmin has
no viable recovery tools? One would think that that all modern data security
plans have locked and unchangeable archived backups - that said, if even those
have been discovered and quietly encrypted in such a way that they looked ok
to monitoring systems - until the trigger was pulled? A complex problem.
Garmin must pay or rebuild all they have created in many areas? At this point
it becomes an economic decision = pay and live to fight another day...

------
jeffbee
How many well-known production security measures were considered and rejected
on grounds of cost before Garmin got to this point?

------
sna1l
This is all based off of rumors/employee tweets, but it seems plausible
enough, given the length of the downtime.

