Report Says Garmin Paid Millions in Ransom After Hack

A recent report claims Garmin had to spend a lot of money to get is files back.

 

There was a time when consumers only knew Garmin for the tiny little square boxes you suctioned to your front windshield. And while they seem a little cumbersome now, they were part of a GPS revolution that kicked the Atlas to the curb and ushered in the era of turn-by-turn navigation.

Well, Garmin actually has its teeth in several different industries, including aviation, but is now most known for its weables division, where it offers a wide array of devices like smart watches and fitness trackers. No suction cup required.

Unfortunately for Garmin, a recent data breach compromised its entire operation when an alleged cyber attack knocked many of its services and systems offline. And recent reports suggest that it may have been even more nefarious than we realized, saying that Garmin was forced to pay a multi-million-dollar ransom to get its files back.

According to Engadget, the cyber attacker hasn’t officially been identified but some analysts feel the ransomware used is one believed to be tied to a Russian cybercriminal ring called Evil Corp.

But if it was Evil Corp and Garmin did pay a ransom -- two points that are so far unconfirmed -- then things could get a little hairy. That’s because the US sanctioned Evil Corp last year and prohibited the entity from “engaging in transactions with US companies.”

According to Engadget, a third party, Arete Incident Response, who worked with Garmin on handling the situation, has said it doesn’t believe it was conclusively dealing with the barred entity in this case, and that it "follows all recommended and required screenings to ensure compliance with US trade sanctions laws."

More