Aviation Database Struck By Unknown Ransomware Gang

Published at: July 25, 2020

Smartwatch maker and data-syncing service provider, Garmin, was the subject of a ransomware attack that took down several of its services on July 23, which managed to encrypt its internal network.

According to a series of tweets published by the company, the Garmin Connect website and mobile app were affected by the hackers, plus the call centers and every customer support resources like replying emails, online chats, and handling calls.

However, the nature of the attack was unveiled by ZDNet, who also stated that the cybercriminals also targeted flyGarmin, the company’s service that supports its line of aviation navigational equipment.

Pilots affected by the ransomware

The Garmin Pilot app also was offline during the entire day, affecting several pilots that rely on the software to schedule and plan flights.

As of press time, Garmin’s website is working, but they’ve placed the following message: 

“We are currently experiencing an outage that affects Garmin.com and Garmin Connect. This outage also affects our call centers, and we are currently unable to receive any calls, emails or online chats. We are working to resolve this issue as quickly as possible and apologize for this inconvenience.”

Speculation keeps rising about the severity of the incident

Speaking with Cointelegraph, Chris Clements, vice president of solutions architecture at cybersecurity firm Cerberus Sentinel, commented on the ransomware incident:

“The security incident at Garmin highlights the need for organizations to implement a well thought out and formalized Incident Response plan with a preselected response team for key tasks like recovery, root cause analysis, and public communications. With no details forthcoming from official Garmin spokespeople, employees have been tweeting out information that may or may not be accurate and leading to wild speculation as to the extent and severity of the situation.”

Cointelegraph reported on July 22 about the ransomware attack against the University of York from an unnamed gang, which took place in May. Vulnerabilities from their third-party service provider led to the data breach.

Telecom, Argentina's largest telecommunications company, has fallen victim to a ransomware attack in July 187. At that time, hackers demanded $7.5 million in Monero (XMR).

Tags
Related Posts
Major Chilean bank shuts down all branches following ransomware attack
Banco Estado, the only public bank in Chile and one of the three largest in the country, had to shut down its nationwide operations on Monday due to a cyberattack that turned out to be a ransomware launched by REvil. According to a public statement, the branches will remain closed for at least one day, but clarified that customers’ funds have not been affected by the incident. Citing sources close to the investigation, ZDNet reported that the REvil ransomware gang is behind the attack. It reportedly originated from an Office document infected with the malware that an employee received and …
Technology / Sept. 8, 2020
Bitcoin Ransomware and Remote Working: What the Future Holds
The new work-from-home culture is gaining more traction than ever before as businesses, government departments and schools try to remain afloat while flattening the pandemic curve. This migration to remote working is a double-edged sword that creates a fertile land for cybercriminals to thrive on. There is no way that cyberattacks can be eliminated completely. The best that companies can do is minimize the frequency of the threats. What is ransomware? Cybercriminals use malicious software code to block people or organizations from accessing their computer systems until a ransom has been paid. Cryptocurrencies such as Bitcoin (BTC) have made it …
Technology / Aug. 21, 2020
Ransomware Targets Outdated Microsoft Excel Macros to Deploy Attacks
Microsoft Security Intelligence alerted users to a type of ransomware, called Avaddon, that uses Excel 4.0 macros to distribute malicious emails. These emails contain attachments which deploy an attack when opened in any version of Excel. Avaddon ransomware emerged in early June through a massive spam campaign that randomly targeted its victims. Some patterns seem to indicate that the ransomware mostly targets Italian users. Impersonating Italian officials As BleepingComputer reports, the attackers behind the ransomware are recruiting “affiliates” to spread the payload. According to their analysis, Avaddon’s average ransom amount is around $900, paid in crypto. The attack commonly impersonates …
Technology / July 3, 2020
Ransomware Gang Steals 10TB of Pics and Data From Canon
Multinational corporation Canon reportedly fell victim to a ransomware attack launched by Maze group against its email and storage services and its United States website on July 30. Maze has threatened to leak the pics and data if a crypto ransom is not paid. The image.canon site was out for six days, during which it showed updates. It went back into service on Aug. 4. Canon put out a statement that day about the attack, saying there had been no leak of image data, nor thumbnails of the photos stored in its cloud service. However, the severity of the attack …
Technology / Aug. 6, 2020
Don’t blame crypto for ransomware
Recently, gas has been a hot topic in the news. In the crypto media, it’s been about Ethereum miner’s fees. In the mainstream media, it’s been about good old-fashioned gasoline, including a short-term lack thereof along the East Coast, thanks to an alleged DarkSide ransomware attack on the Colonial Pipeline system, which provides 45% of the East Coast’s supply of diesel, gasoline and jet fuel. In cases of ransomware, we generally see a typical cycle repeat: Initially, the focus is on the attack, the root cause, the fallout and steps organizations can take to avoid attacks in the future. Then, …
Technology / May 30, 2021