
Garmin services and production go down after ransomware attack - fbnlsr
https://www.zdnet.com/article/garmin-services-and-production-go-down-after-ransomware-attack/
======
exabrial
Their products are designed to work offline. Despite the cloud being down I
have full local functionality right now. (Though I can't see my history,
surprised they don't cache that locally).

Last year when I did a 9-day canoe trip with no cell phone reception, all of
my Garmin gear worked flawlessly (wearables, navigation devices, and their
offline map app). Can't say the same about my friends iWatches/fitbits or even
some stuff on various stuff of iPhones and my pixel.

~~~
quest88
FYI for anyone else reading: Google maps lets you download maps for offline
use.

~~~
exabrial
It has a transactional guarantee of "maybe". I would _definitely_ not rely on
this functionality for anything other than non-critical or time sensitive
casual navigation on roadways.

When I'm out in the bush, I need my device to be up and working locally. It
seems that stuff designed in SV just assumes the lifestyle of 100%
connectivity is universal.

~~~
toomuchtodo
Do you have any recommendations for digital mapping solutions that “just work”
without connectivity?

~~~
abkfenris
Gaia GPS is fantastic. You can mix and match layers, and specify what bounds
you want to download for a trip.

Right now I've got 3 GB stored locally, some of that for the usual locations
that I wander out of connectivity, and some for a trip next week.

Garmin (formerly Delorme) Earthmate despite their other issues is great for
state or province wide vector maps. Not as great for fine navigation and
tracking (as it's designed to be paired with and control an InReach), but good
for point of interest exploration.

~~~
macintux
I love Gaia on my iPhone and iPad, but I’ve had real problems with map layers
not displaying lately. MapBox Streets and Gaia Streets are both hosed and I
can’t figure out why.

------
9nGQluzmnq3M
A leaked email from Garmin's Taiwan office says everything including the
production line has been shut down for two days:
[https://translate.google.com/translate?sl=auto&tl=en&u=https...](https://translate.google.com/translate?sl=auto&tl=en&u=https%3A%2F%2Fwww.ithome.com.tw%2Fnews%2F139004)

Local media suspects a ransomware attack, which is about the only thing that
could explain how widespread this is.

~~~
codethics
Can confirm it is a ransomware attack.

~~~
sn_master
Source? Do you work there? Do you know whats the ransomware used or how much
they're demanding?

~~~
francisofascii
Total speculation, my guess is WastedLocker. It has been hitting all types of
companies in the past few months. Have a friend who's company was hit
recently. They were somehow were able to encrypt the backups.

~~~
aksss
My vote is something's being held for ransom like DNS or account access rather
than traditional storage encryption. It's pretty impressive if storage
encryption crossed so many network boundaries and affected so many diverse
resource types - phones, chat, email, website, distributed app platform. What
other central resource besides DNS would have such a broad impact?

~~~
alexfoo
Or they're hugely Windows based (Exchange, SQL Server, AD Servers, etc) and
the same exploit got into a huge number of diverse machines.

Or _shudder_ far reaching writeable network mounts.

~~~
francisofascii
Yes, exactly. My friend's company was Windows based with mapped drives to
external servers.

------
mattmaroon
I guess I always assumed Garmin made most of their money on their aviation
products, since they are so dominant and so expensive. And those are designed
to rarely if ever connect to the internet. But I guess I was pretty off on
that, they’re only 20%.

On a side note the graphs of their revenues per year and by category show a
company that successfully branched out when their former big category,
automotive, which was 80% of their revenue, began to be eaten by in car GPS
and then smart phones.

~~~
fbnlsr
I used to sell Garmin car GPS back when I worked in a retail shop. They were
really good devices. But yeah I'm with you I thought most of their money came
from aviation (it seems like everyone uses Garmin products), but their sports
watches sell like crazy.

Actually, I realized their network was down because this morning my watch
would not sync after a run. :)

~~~
frosted-flakes
Honestly, they're _still_ really good devices. I have one from last year
that's a solid alternative to an in-dash navigation screen, and for what I use
it for, just as good as Google Maps, and in many ways better (way more
convenient and customizable, completely offline except traffic, bigger screen,
auto-on...).

~~~
kevin_thibedeau
Their latest motorcycle units are dog slow because some dumb product manager
decided to build it on their old hardware platform using newer firmware which
isn't a good mix. I have a 10 year old auto unit that is better then the junk
they have now.

------
danielbln
For many many hours already, including SSO, their webshop, and all of Garmin
connect. The devices can't sync anymore, the mobile apps are all but useless
and Garmin has yet to comment on any of this. Yikes.

~~~
christoph
It's made me realise how crazy reliant my Garmin watch is on their
infrastructure. I went onto the app this morning to try and alter a watch face
I already have downloaded, which should totally be configurable through just
the mobile app alone. Why the hell does it need to talk to Garmin's servers to
let me do this? It should just be possible through the app alone, without
needing any involvement from Garmin's servers.

~~~
parliament32
Depends on your device, but on a Fenix you can swap/configure watch faces
directly on the device.

------
ytch
[https://www.ithome.com.tw/news/139004](https://www.ithome.com.tw/news/139004)

(I'm not sure if it's reliable)

This Taiwanese tech site says because of virus, IT system and production line
are down for two days according to insider.

they claim it might be ransomware.

~~~
codethics
It is ransomware.

~~~
mox1
Yep, I have a friend who works there. Not looking good right now.

~~~
petee
Would love to know if they've lost control of their Play Store accounts, i.e,
is there any risk of compromised app updates?

------
DebtDeflation
This is frustrating. I have a Garmin Fenix 6X Sapphire (that I absolutely
love) and on seeing this headline I checked the Connect app on my phone and
sure enough I cannot access any of my previous activities. You'd think that in
this day and age of phones with 128GB+ storage that they'd be caching at least
some of your historical data locally, but nope it's all in the cloud, which is
currently inaccessible.

~~~
scruple
I've been tinkering with the idea of writing a service agent that detects when
my Garmin GPS watch is connected to my desktop (where / how I charge it) and
automatically pulls down any new activities to store locally as a backup.

Starting around 2012... I used to scrape my activities off of the Garmin
Connect website, I eventually got tired of the manual nature of this process
and also having to keep up with changes they made to their site. After that, I
used something called, I believe, Tapatirik, for a while, to automatically
sync them to a Dropbox account. But, it wasn't flaky sometimes, so I
eventually gave up entirely and just turned on the sync to Strava option. But
that also has spurious failures that are annoying to deal with. And on and on
it goes...

Frustrating is one word for it. I'm at a point where I find it to be
completely anti-consumer.

~~~
nradov
GoldenCheetah can do at least some of what you want.
[https://www.goldencheetah.org/](https://www.goldencheetah.org/)

~~~
scruple
Thanks for that!

------
jacquesm
The internet-of-things that aren't really your things strikes again. When will
manufacturers learn that their hardware should function even if their services
are down? The whole account/subscription tacked on for no apparent reason
thing is highly irritating, and Garmin is actually better than most.

~~~
kettro
When I worked for Garmin, we deliberately designed products to work for as
long as possible offline - the Bike Speed & Cadence Monitors (~2018) are able
to work for 1 year, riding every day, then a battery change, and then another
year, all before a sync to a device is required. All of the rides should be
stored on-device.

~~~
DaiPlusPlus
What’s the significance of 365 days?

(I’ll accept “CA certificate expires” - but why isn’t there a workaround?)

~~~
iamacyborg
Presumably related to the size of the on-device storage?

------
Molpot
Has anybody tried to reverse engineer garmin's bluetooth protocols? I often
want to buy one of their smartwatches but the idea of having to install
proprietary software on my phone kind of puts me off. I'd love to write my own
software but I don't have any experience doing bluetooth RE.

~~~
barbegal
You can just get the activity files off the watch via USB if that would work
for you.

[https://support.garmin.com/en-
GB/?faq=Ht3ZP52Kju075uKvqTqu99...](https://support.garmin.com/en-
GB/?faq=Ht3ZP52Kju075uKvqTqu99&productID=541225&tab=topics)

~~~
Molpot
Thanks but it doesn't, I want a watch to keep track of my swimming training,
I'm afraid using USB connectors would make the watch less waterproof.

~~~
montebicyclelo
They tend not to put standard USB in the watch, but connections like this:
[https://media.dcrainmaker.com/images/2014/06/IMG_3109_thumb....](https://media.dcrainmaker.com/images/2014/06/IMG_3109_thumb.jpg)

~~~
Molpot
Nice, I didn't know that, thanks for telling me!

------
Zealotux
It took me a whole minute to disable cookies on this website with their built-
in tool, and uBlock still blocked 80 scripts. For a status page.

~~~
ultrarunner
Welcome to Garmin software quality

------
justkez
It’ll be interesting to see how Strava copes when the tap is turned on again.
Maybe there’s some rate limiting built in but they’ll be getting a flood of
accumulated data to process

------
somecommit
I precisely like garmin watches because if you don't setup their bluetooth,
you are not tracked by anyone, it's not required to connect to servers etc...
It's enough for me because I only need to check BPM.

~~~
amelius
Of course there isn't any guarantee that at some point, some marketing manager
won't decide to break that.

~~~
nanidin
It seems unlikely, Garmin is a very engineering led company. At least it was
when I worked there 10 years ago!

Part of that engineering focus is an insane attention to the BOM, and to
support(call center) and warranty (returns & repairs) costs. I think both of
these things make it unlikely that Garmin will add a cellular modem to start
tracking otherwise unconnected devices.

~~~
rconti
Interesting. It surprises me how BAD most of Garmin's software is. They
regularly break syncing functionality for weeks at a time. Sometimes watches
need reboots to figure out how to sync to a phone. The sunrise/sunset graph on
my $600 watch has NEVER been right.

You can push activities to your Garmin account but they don't bother
engineering in any additional functionality, eg, to show your last activity if
uploaded from outside, or to account for externally uploaded activities in
your training metrics. It never feels like they're interested in improving the
functionality of existing devices.

Don't get me wrong, I'm happier with my Forerunner 945 than I was with my
Apple Watch, but only just. Basically, it does enough things that my Apple
Watch can't do, to make suffering with the majority of things it's somewhat
worse at, worthwhile as a tradeoff.

~~~
count
I think they're hardware engineering focused, not software engineering. Hence
your Forerunner 945 will last most of a week (minus gas-enabled exercise
time), where your Apple Watch goes about 2 days at most.

~~~
amelius
In that case, perhaps they should open source the software or open the
hardware interface.

------
aksss
This might be a fine time to plug an app called RunGap -
[https://www.rungap.com/](https://www.rungap.com/)

Disclaimer: I'm not associated with them other than being a satisfied user of
it.

RunGap takes your activity data from one service and migrates it across others
- so your activities you upload to Garmin Connect will be copied over to
MapMyRun, Runalyze or whatever, including DropBox and/or iCloud. It won't help
you now, but in the future it may be a good way to derisk the loss of your
activity history.

I think it's apple device only though. :/

~~~
fredrikaverpil
There's also [https://tapiriik.com](https://tapiriik.com) for syncing.

------
TheWindUpPirate
I wonder what the root cause is? They've just tweeted that the outage is also
affecting call centres and their ability to receive email. [0]

I'm glad their stuff is designed with zero connectivity in mind. Just slightly
irked that my history isn't cached on my phone.

[0] -
[https://twitter.com/GarminUK/status/1286279863217926144](https://twitter.com/GarminUK/status/1286279863217926144)

~~~
aksss
I struggle to imagine what non-segregated resource would be so central as to
affect their customer-facing app platform, internal email (or maybe mail
gateways), and call center.

Maybe DNS got hosed? I mean pretty impressive ransomware if it swept across
the company that far and wide, crossing so many network boundaries and
resource types so quickly.

Maybe accounts/control being held for ransom instead of storage encryption
(what I usually think of as ransomware).

~~~
nanidin
When I worked there, the entire internet for the campus went down. It took
down the Garmin website and everything else Garmin. The culprit? Everyone was
streaming music and/or videos. Everything shared the same internet pipe and
streaming music starved out essential business functions.

The next day all streaming services were blocked, and it was made clear we
were being monitored for excess internet usage. Thus began the great brain
drain to Apple, Amazon, and Samsung.

Well that, and the fact that they took away the nice toilet paper and replaced
it with one—ply right around the same time.

~~~
papito
One-ply toiler paper is where I draw the line. Nice toilet paper is a basic
human right.

Also, WHAT company of this size would try to save on toilet paper. Are you
kidding me?

------
PaulPfeiffer
While I am concerned a little for the location of my home now being in the
hands of the wrong people. I am more Concerned with Garmin's
Unprofessionalism... People who own yachts should probably be the most
concerned..

~~~
aksss
Why's that? Concern over location data or something? I don't own a yacht but
the Garmin gear in my boat assumes no Internet connection (kinda the point of
the boat) and sees no impact from this event. Garmin wearables, however, are
in use all day, every day, have associated PII to a minor degree, a broader
audience and have been severely crippled by this. Curious what the yacht angle
is that I may not be acknowledging.

------
dang
We changed the URL from
[https://connect.garmin.com/status/](https://connect.garmin.com/status/) to an
article with more info.

~~~
fbnlsr
Thanks!

------
helsinkiandrew
Does anybody have any understanding of either the WastedLocker ransom ware or
Garmin's internal systems that can explain how it can have such a massive
affect on its website, production backends (including airplane navigational
systems), call centre, and possibly manufacturing systems. Is this windows
everywhere? or badly partitioned systems or have they pulled the plug on
everything just to be sure

------
SketchySeaBeast
A close relation of mine got sick back country hiking and needed to text for
someone to meet at a rendezous just this week using Garmin's texting services
- I hope that this doesn't last long, I'd hate to think of what would happen
if he'd tried to ask for help today.

Edit: Looks like Garmin 'Explore' is still up, so maybe it'd still be OK.

~~~
zachware
I think the Inreach sat services operate on the iridium network. They don't
sync with or connect to Garmin Connect based on my experiences.

~~~
zachware
Update: They use GEOS
[https://www.google.com/search?client=firefox-b-1-d&q=garmin+...](https://www.google.com/search?client=firefox-b-1-d&q=garmin+geos+response)

------
ackbar03
Nobody seems to be mentioning how the data is potentially more valuable then
the ransom? If customer data is stored on their servers, the hacker
potentially has the historical location data and identities of a lot of their
customers now, which could potentially contain sensitive information of
important people and possibly valuable to state actors

------
some_random
Talked to someone I know there who said it looked like ransomware targeting
all windows boxes, including those connected via VPN.

~~~
coldcode
Either the people in charge of security were dumb (dealt with some of those)
or they were smart and the executives refused to listen or fund them (met
those as well) or both (and have worked at places like that too). I wonder how
many companies fall into these categories.

~~~
TwoBit
What would they have suggested that executives might not listen to?

------
pietromenna
I am happy I am still able to run, even with their services down. But I found
no comments on the internet at all about the reason of the incident.

~~~
jdechko
If you run, but you don’t post it to strava, did you even run? /s

~~~
zuppy
This is silly. I use the data to see where can I improve, not for bragging. I
can not see it on the app while the service is down.

Yeah, sure, I can manually downlod it (as I can also take a paper and a pen
and write the data), but that’s not a fair expectation.

~~~
jdechko
I know. I was being sarcastic. I’m the same way, and I’m pretty sure my strava
is set to private. Mine was more of a comment on how everything has a social
component nowadays.

~~~
zuppy
ok, i’m sorry, i’ve missed the tone :)

------
aksss
My Garmin Connect app is now syncing with wearable and showing steps and other
stats again. I briefly had an updated banner that said they were planning
system maintenance from 7am on the 24th to some end time, and then it went
back to the "down for maintenance" message within a three-minute span.
Interesting. They may be staggering trying to bring some workarounds online.

------
cnbuff410
How does ransomware attack work if the company host all of their service in
the cloud (aws/gcloud/etc.)? Based on some preliminary readings, it seems like
ransomware attack is mostly conducted on a physical machine. If your service
data is all stored in the cloud and not synced with any of the machines owned
by your employees, are you still subject to this type of attack?

~~~
grl
Ransomware and cloud are very generic terms. Ransomware is a concept of
encrypting data to deny service. Cloud really references virtual architecture
that is easy to expand and contract, often in a 3rd party cloud provider like
Azure or AWS. The "machines" could be windows, linux, docker containers, Lamda
functions (AWS), etc. running virtually in "the cloud". So, a ransomware in
the cloud just means that someone encrypted data that is stored on cloud
architecture. Certainly quite possible, but not as common as encrypting
windows machines, which is what usually makes the news.

~~~
userbinator
_but not as common as encrypting windows machines, which is what usually makes
the news._

It could be Windows machines in the cloud.

------
artemisyna
Hm. I recently bought a Garmin Inreach Mini (satellite emergency communication
device), intending to use it for some long backcountry hiking/backpacking
trips I'm planning on taking.

Really hope this isn't effecting their emergency service/emergency
communication devices. Subscription management, at a minimum, was via the
Garmin website.

~~~
zachware
Garmin sat trackers use the Iridium sat network and outsource the response to
GEOS so you'll be fine.

[https://www.google.com/search?client=firefox-b-1-d&q=garmin+...](https://www.google.com/search?client=firefox-b-1-d&q=garmin+geos+response)

------
humanlion87
Even the status page is not loading for me. Which seems weird.

------
wil421
Recently I was looking into Fish finders. Garmin has some cool tech and their
maps are great. I’ll have to make sure I don’t get a connected device.

~~~
rightbyte
Having your gps time-out on you might be lethal. Imagine an hypothetical auto
update bricking all gps devices in the group on a mountain top or the sea and
relying on a compass and map if you were smart enought to bring it.

Not having a gps makes many endouvers just that much more risky.

Edit: made it clear it is a hypothetical scenario

~~~
LeifCarrotson
Garmins update by USB, not GPS. There's no way for them to push an update to
you on top of a mountain or in the middle of the sea.

Also, when I plug my Garmin watch into my computer by USB, it just brings up a
USB mass storage device. I could drag a new firmware image over if I had one,
but it's not going to auto-update and time out. I last updated in 2016, it's
been going strong since 2013. Incidentally, battery capacity is down
significantly, but it still lasts multiple days and multiple workouts.

They're actually really well engineered against accidental automatic bricking
and loss of function, unlike most IoT devices and websites.

~~~
ISL
My watch updates via bluetooth every time a new firmware ships. It can also
update via USB.

------
sakopov
It appears that even some garmin.com assets are failing to load right now.

------
foobarbecue
Yikes, does this affect inreach service? If so, lives are at stake.

~~~
macNchz
I just put my inreach device out on my back deck and sent myself a test email
and sms–seems to be working fine. I can't log in to manage my account, but
their status page claims that the critical inreach services (SOS and comms)
are up and running:
[https://status.inreach.garmin.com/](https://status.inreach.garmin.com/)

~~~
foobarbecue
Yep just tried mine too. Well, that's a relief.

------
montebicyclelo
I've recently started processing the GPX data from my (oldish) Garmin watch
myself, thanks to [https://www.gpsbabel.org](https://www.gpsbabel.org).

------
codethics
Confirmed hacked.

~~~
recrudesce
provide an official source for the "confirmation" other than that ithome
website...

------
guzik
Yikes. Going through the comments it seems their products can still work
offline? How about caching?

Garmin is our direct competitor, but we wish them a quick recovery.

~~~
petee
If there is one thing Garmin really needs, its competition. I'd love to hear
who you work for, and I hope you gain some ground

~~~
saagarjha
From their profile, it looks like it's Aidlab.

------
GaryNumanVevo
I've got a Fenix 5x, and I'm kind of old school about it. I don't use
bluetooth, since my phone is typically off when I'm backcountry hiking. I load
up all my traces and map layers over USB, have been for 12 years across a
bunch of my Garmin devices

------
fery09
This very stupid big company ever..., going down for 12 hours. What their IT
doing, their IT never thing about Disaster Recovery ? Or the company very
stingy to invest for disaster recovery plan. Now my Fenix 6 like a stupid
smart watch.

------
ShepherdKing
Not sure if it's related, but asteroid 2020 ND is supposed to be passing by
the Earth on July 24th.
[https://indianexpress.com/article/explained/explained-
nasa-a...](https://indianexpress.com/article/explained/explained-nasa-
asteroid-2020-potentially-dangerous-to-earth-6515170/)

~~~
sonofgod
That's passing fourteen times further away from the moon. It won't have any
effect on satellite operations.

For a sense of scale on satellites:
[https://en.wikipedia.org/wiki/Low_Earth_orbit#/media/File:Or...](https://en.wikipedia.org/wiki/Low_Earth_orbit#/media/File:Orbitalaltitudes.jpg)

