Garmin/Garmin Connect Down

Discussion in 'General Bike Discussion' started by StormStrikes, Jul 23, 2020.

  1. rola643

    rola643 Two skinny Js Staff Member Admin Staff Mod Team Tavern Member

    20,465
    8,880
    113
    I’m sure it’s just the tip of the iceberg
     
  2. lectrichead

    lectrichead Well-Known Member

    739
    727
    93
    The Russian company that deployed their version of Wasted Locker on Garmin attacked a whole lot of major US corps last month, and earlier this month, including some of the Big Names, but had their IP and intrusion methods blocked on many though they hacked used accounts from a newspaper company's and infected a ton of others, maybe dozens.

    I guess Garmin didn't get the memo.

    Probably shameful on their account. But, well.

    The thing about hacks - of any kind against companies or individuals - you can think that you're better than anyone else and have the best security possible and best monitoring, keep up to date on everything, plug all your holes, etc but if someone were properly motivated enough - by money, resources, or being pissed off - then there is someone somewhere who can eventually figure out a way to hack you if given the chance, whether directly or indirectly. And I think you'll find those in non-computer-related security will tell you the same thing.
     
    Last edited: Jul 26, 2020
    Dos_Ruedas and John_V like this.

  3. StormStrikes

    StormStrikes Member

    1,728
    365
    83
    Without a doubt.

    I don't know how fast this thing would/does spread across a network, but I would think a corporation the size of Garmin would have their network segmented in such a way that they would be able to get somewhere ahead of it and isolate it. Then, if they had sufficient and timely backups, just restore the systems. Surely they are using VM's/VDI's that have regular snapshots they could restore from?

    I dunno, it just strikes me as odd. I sure would like to see the internal postmortem report on this. I bet it's a good read.
     
    John_V and fpl1 like this.
  4. lectrichead

    lectrichead Well-Known Member

    739
    727
    93
    You would think, but I am guessing since they are a fairly 'mature' company when it comes to tech I am betting they have got some pretty old architecture and programming, and who knows - maybe some slapdash interfaces between systems, older stuff (hardware and software) that no one knows how to fix, and backup systems and images that don't cover everything.

    I've felt that they've had some problems in the past that likely were the result of bad practices - reading between the lines, of course.
     
    John_V likes this.
  5. StormStrikes

    StormStrikes Member

    1,728
    365
    83
    Ahhh, yeah, that's a good point too. Good ole legacy stuff.

    The good news is that it appears they are back up and running now. Well, I can get to Garmin Connect, that is.
     
    John_V likes this.
  6. kneedrachen

    kneedrachen Moderator Mod Team Tavern Member

    8,414
    1,065
    113
    API....API....API.
     
    Dos_Ruedas and John_V like this.
  7. fpl1

    fpl1 Well-Known Member Tavern Member

    6,664
    4,017
    113
    Just saw this. Only Garmin products I still have are my boat gps and a watch I use for workouts or runs. Haven’t needed either since this happened. Who knows could’ve been one employee making a bad decision in responding to a phishing request. We are a publicly traded company and spend a lot on data protection. It’s always hammered home that the weakest link in the system is one employee falling for a phishing scam. Wonder if that’s how they got in. Glad I went to wahoo for cycling I guess.
     
    John_V and kneedrachen like this.
  8. Germanrazor

    Germanrazor Member

    26
    50
    13
    Just today finally got mine back up and running with the mobile app correctly.
     
    John_V and fpl1 like this.
  9. kneedrachen

    kneedrachen Moderator Mod Team Tavern Member

    8,414
    1,065
    113
    Strava has been verrrrrrrrrry quiet.
     
    John_V and rola643 like this.