View Full Version : Garmin paid the ransom


Elefantino
08-03-2020, 05:05 AM
Or so it would appear.

https://cyclingtips.com/2020/08/report-garmin-secured-decryption-key-paid-ransom-to-hackers-2/

Seems as though it had no choice.

peanutgallery
08-03-2020, 06:13 AM
Evil Corp

Supposedly...a Putin "friend". Get used to it, this is going to be a thing. The guys with the pocket protectors are letting us down

mcteague
08-03-2020, 06:21 AM
What? No regular backups? Did they let employees store files on local hard drives? Most likely failed to do regular updates as well. I worked in the IT dept of a hospital that was hit a couple of years ago. It was hell for a couple of weeks and we had to re-image a lot of PCs. They did regular backups of data which was stored off-site each day. Some folks did save to their local drives and much of that was gone as the ransom was not paid. After that, local saving was prohibited and if you tried, the data was put on a network share.

Tim

unterhausen
08-03-2020, 06:39 AM
What? No regular backups?
My understanding is that it infects the backups. The process is to gain admin level control first, generally through social engineering.

AngryScientist
08-03-2020, 06:47 AM
I haven't read the article yet, but if it turns out they did in fact go through sketchy channels and did pay the ransom - and not recover on their own terms - that tells me they are completely screwed up over there and heads should roll at the highest levels for both getting into this and the lack of a good response plan.

I am generally a garmin fan, but this disappoints me.

BlueFly
08-03-2020, 07:13 AM
I haven't read the article yet, but if it turns out they did in fact go through sketchy channels and did pay the ransom - and not recover on their own terms - that tells me they are completely screwed up over there and heads should roll at the highest levels for both getting into this and the lack of a good response plan.

I am generally a garmin fan, but this disappoints me.

+1

I am a garmin user and I agree this is very disappointing. People should lose their jobs. I really find it hard to believe that they may have thought they were ready for something like ransomware, or maybe they were just overconfident that "nobody would want our stuff".

Having been in the IT industry a long time, you cannot be overly confident about any of this stuff. Management has to make it known that routine security/software updates are mandated.

Sermon over :banana::banana:

oldpotatoe
08-03-2020, 07:23 AM
Or so it would appear.

https://cyclingtips.com/2020/08/report-garmin-secured-decryption-key-paid-ransom-to-hackers-2/

Seems as though it had no choice.

But NOW, they are another target for another data kidnapping... A clean and fix was more than $10 million??

NYCfixie
08-03-2020, 07:35 AM
Evil Corp

Supposedly...a Putin "friend". Get used to it, this is going to be a thing. The guys with the pocket protectors are letting us down

It's often human error from someone NOT in IT that causes many (not all) of these types of attacks.

My understanding is that it infects the backups. The process is to gain admin level control first, generally through social engineering.

Exactly. And often NOT the IT person is compromised.

+1

Having been in the IT industry a long time, you cannot be overly confident about any of this stuff. Management has to make it known that routine security/software updates are mandated.

Sermon over

I am a 25+ year IT industry veteran (with the past several in information and cybersecurity) and as you probably already know, it is often management who refuses to listen about the need for stronger controls or is unwilling to pay for them. Everything is a cost-benefit analysis and Garmin may not have originally considered this type of attack a serious threat and/or worth paying to protect against it. For now, this is all speculation. If they ever do a full investigation and release the results we will know the full truth.

BlueFly
08-03-2020, 07:50 AM
If they ever do a full investigation and release the results we will know the full truth.

LOL! Never happen. Accountability? A leader once said "You can't handle the truth!"

NYCfixie
08-03-2020, 07:55 AM
LOL! Never happen. Accountability? A leader once said "You can't handle the truth!"

And that is why I wrote that anything else is pure speculation.

Sometimes publicly traded companies are forced into full disclosure but it often happens weeks/months/years later (i.e. Equifax breach).

Heads will roll but it is often not those who actually deserve it.

mistermo
08-03-2020, 08:26 AM
Same thing happened to our company, about five years ago. Russian company hacked and shut down entire system, demanding ransom. After looking for other options for a couple weeks, we gave up, paid ransom and were back in service shortly after. Strangely, this is a 'gentleman's pursuit', of sorts, and there's an 'honor code', where they provide very good customer service to get system restored and operating, once ransom is paid. Without good customer service after the ransom payment, they understand their business model would fail and no one would pay. They were quite professional and the level of customer service was high, after the ransom was paid.

Since then, we've spent a large sum trying to keep our system free from outside hacking. Nearly every consultant we've engaged has said there's little way to fully prevent it, and it's better to put resources into developing a parallel system and backing up data frequently. Given hacks of Twitter, Facebook and even Garmin, it seems they're correct, that no system is impenetrable.

Davist
08-03-2020, 08:30 AM
Evil Corp

Supposedly...a Putin "friend". Get used to it, this is going to be a thing. The guys with the pocket protectors are letting us down

It's already a "thing" for at least a decade..

Target (dept store) 55M or so affected, through back door in HVAC system. Garmin may have been / most likely have been through 3rd party/partner network(s). My own company 3x all because of Sr Management NOT paying attention to IT protocol. (to echo the above, probably not direct IT)

Veloo
08-03-2020, 08:54 AM
a parallel system and backing up data frequently

Isn't this (supposed to be) standard IT protocol?

Covers the rare occasion of a foreign hack and the MUCH HIGHER probability of employee incompetence totally screwing up one of your DB.

marciero
08-03-2020, 08:58 AM
From what I understand, this is a not-so-new norm of sorts: companies pay the ransom. The choice is clear if the goal is to limit losses and damage, which amounts to getting up and running as soon as possible. I would guess the entities behind these attacks would do a cost-benefit analysis and have priced the ransom amount accordingly. It's the cost of doing business, and even the most sophisticated security is vulnerable to attack.

The social engineering, or human hacking aspect that unterhausen mentioned is particularly interesting, and accounts for a surprising percentage of the security breaches. And these are tech-savvy people who are being compromised. The thinking that only gullible or ignorant people are susceptible has probably resulted in companies being slow to recognize this as a very real threat.

GregL
08-03-2020, 09:12 AM
The social engineering, or human hacking aspect that unterhausen mentioned is particularly interesting, and accounts for a surprising percentage of the security breaches. And these are tech-savvy people who are being compromised. The thinking that only gullible or ignorant people are susceptible has probably resulted in companies being slow to recognize this as a very real threat.
Many companies have robust training programs for employees to recognize these attacks. They generate internal phishing e-mails to test employees and ensure that they follow company policy for dealing with cyber attacks. Employees who fail to follow cyber security policy are subject to remedial training, poor performance reviews, and ultimately termination. There's too much at stake to not take these attacks seriously. And you are very correct, it's amazing how very knowledgeable persons still fall victim to these attacks. The attackers are very good at what they do.

Greg

NYCfixie
08-03-2020, 09:27 AM
Many companies have robust training programs for employees to recognize these attacks. They generate internal phishing e-mails to test employees and ensure that they follow company policy for dealing with cyber attacks. Employees who fail to follow cyber security policy are subject to remedial training, poor performance reviews, and ultimately termination. There's too much at stake to not take these attacks seriously. And you are very correct, it's amazing how very knowledgeable persons still fall victim to these attacks. The attackers are very good at what they do.

Greg

What is this based on? From a report? From your own experience?

IME, there are very few (not many as you suggested) companies that do this type of broad and deep training and testing for non-IT employees. At-best, it is once a year or at time of hiring and thus simply not enough.

GregL
08-03-2020, 09:33 AM
What is this based on? From a report? From your own experience?

IME, there are very few (not many as you suggested) companies that do this type of broad and deep training and testing for non-IT employees. At-best, it is once a year or at time of hiring and thus simply not enough.
Based on personal experience. Note that I stated "many," not "most," "majority," etc... I can't and won't provide more details as it would be inappropriate. Just sharing my personal observations.

Greg

NYCfixie
08-03-2020, 09:35 AM
Based on personal experience. Note that I stated "many," not "most," "majority," etc... I can't and won't provide more details as it would be inappropriate. Just sharing my personal observations.

Greg

Fair enough.

Any chance I can get you to overnight me a sandwich from Brooklyn Pickle and some food from Dinosaur BBQ?

Mark McM
08-03-2020, 09:50 AM
What is this based on? From a report? From your own experience?

IME, there are very few (not many as you suggested) companies that do this type of broad and deep training and testing for non-IT employees. At-best, it is once a year or at time of hiring and thus simply not enough.

At my company, employees who have access to the company's networks (which is pretty much everyone at my job site) have to take on-line security training at least once a year, and they send out fake phishing emails multiple times a year to test if the employees are on their toes.

GregL
08-03-2020, 09:57 AM
Fair enough.

Any chance I can get you to overnight me a sandwich from Brooklyn Pickle and some food from Dinosaur BBQ?
Now that is a great idea! The beauty of living in Sibera-cuse is that I am literally 5 minutes from either of those fine establishments. I'll politely counter your offer with one of my own: if you visit CNY, hit me up for a ride and post-ride meal! The riding in CNY and the adjacent Finger Lakes is truly world class. Miles of quiet country roads, wide shoulders, and great food and beverage options. There's also some good gravel riding options within a reasonable drive.

Greg

kppolich
08-03-2020, 10:08 AM
At my company, employees who have access to the company's networks (which is pretty much everyone at my job site) have to take on-line security training at least once a year, and they send out fake phishing emails multiple times a year to test if the employees are on their toes.

Every tech company I have worked at, these trainings have been mandatory for all employees, not just for those with exclusive network access. I've been doing digital project management stuff for a while now and dealt with large clients like Wells Fargo, Pfizer, etc. and I'm still never surprised by anything that comes across my desk. Reason: Marketing gets the budget, IT gets the scraps.

dem
08-03-2020, 10:10 AM
Interestingly the group that hacked Garmin is on the US terrorist list. Giving a terrorist group $10M is a pretty big no-no.

I was also amused the hack only received 6 words on Garmin's earnings phone call on the 29th.

mcteague
08-03-2020, 10:10 AM
My understanding is that it infects the backups. The process is to gain admin level control first, generally through social engineering.

There is no way for it to hit off-site backups. They are off the network. Delete the affected files, make sure updates are run and the malware is gone and then restore the files. As in our case quite a few PCs needed to be reimaged anyway.

Tim

benb
08-03-2020, 10:13 AM
These articles are fun but as I said in the other threads they are just wild fun speculation from cycling journalists with little knowledge of computer systems or networks.

As an engineer working in software security these articles don't convince me of anything. It's all speculation with zero revealed sources or primary source information.

Wasted Locker can't take down a whole organization like this.

It doesn't take down Garmin's phone systems. It's not going to take down a data center that doesn't run on Windows. It's not going to affect the machines that are Macs and we know Garmin has some of those. It would have 0 effect on Connect if Connect was running in the cloud on a non-windows setup (which is almost everything). Amazingly the comments on these articles often have people pretending Wasted Locker could go into AWS or another cloud platform and erase the backups, etc...

It's a Windows thing.

Most of the non-tech people where I work have Windows machines and if they weren't patched/managed well one of them could click on these phishing type scams and get something like Wasted Locker introduced into the system.

But Wasted Locker could never cause this level of damage and shut down.. it might spread through some of the department's windows machines where the initial infection happened.

It's not going to do a damn thing to phone systems or non-windows development systems or non-windows servers running on the other side of firewalls. It's not going to take out routers or any of these other things.

Garmin had so much damage & so many things shutdown this story just doesn't sound legit to me it could be a piece of what happened but not the whole thing. And it keeps being reported this way by Cycling journalists with no inside sources.

This isn't even the same story that was unfolding when I went and started reading the twitter threads about it.

Even the windows machines.. if you don't build the whole network in a completely windows way that's completely incompetent, you can just wipe all these machines and reimage them and lose almost nothing.

My employer can erase my workstation today and we'd lose almost nothing. It'd take me a day or two to set everything back up to get productive again but there would be no need to pay the ransom.

Red Tornado
08-03-2020, 10:14 AM
At my company, employees who have access to the company's networks (which is pretty much everyone at my job site) have to take on-line security training at least once a year, and they send out fake phishing emails multiple times a year to test if the employees are on their toes.

Same here.

buddybikes
08-03-2020, 10:18 AM
What the heck is our NSA doing? This is such massive exposure to US companies (Garmin is a large MIL provider and of course airlines). Just firing a bunch of people and setting up new corporate policies won't work - all they need is one key in.

This 100% agree!

Since then, we've spent a large sum trying to keep our system free from outside hacking. Nearly every consultant we've engaged has said there's little way to fully prevent it, and it's better to put resources into developing a parallel system and backing up data frequently. Given hacks of Twitter, Facebook and even Garmin, it seems they're correct, that no system is impenetrable.

dem
08-03-2020, 10:28 AM
US regulators are hilariously underfunded and have no teeth, and have tons of "private" partnerships for governance and auditing. Very much like the Credit Agencies during the 2008 financial crisis and garbage mortgage securities.

European regulators are much more serious. I would trust a european entity over an american any day.

Also: Training is pointless and merely there as a CYA for the company. Limited span of control, minimizing blast radius, separation of duties, extreme access control at all layers and assuming all actors are bad actors (including your own employees) is the only way to secure things. 99% of companies don't operate like this - it is expensive, it is hard, and if you're a legacy company nearly impossible to retrofit.

As someone said earlier.. cost/benefit is "risk a piddly $10M cyber attack, or spend a hundred million plus give up $x earnings-per-share forever" - 9 times out of 10, executives are gonna go with the near term stock price.

benb
08-03-2020, 10:29 AM
Also keep in mind every website in the chain you follow reading these stories is ad driven, including the security blogs.

benb
08-03-2020, 10:33 AM
Given hacks of Twitter, Facebook and even Garmin, it seems they're correct, that no system is impenetrable.

There's been almost no other hacks like this Garmin one... Twitter & Facebook have never been hacked like this.

The amount of downtime/damage Garmin had here is more like the NSA + IDF attacking the Iranian nuclear program.

To take everything down including phone systems, data centers, servers, etc, etc.. it would have taken a multi-prong approach that was way more sophisticated.

The only way it was just Wasted Locker is if Garmin's setup is so incompetent & homogenous it's unimaginable to me.

Other possibilities would be Garmin lying about some of the effects, like their phones were fine the whole time and they were just lying cause they didn't want anyone calling.

It is way more plausible they just shut everything down and did a large & time consuming restoration from backup than it is that the only solution was paying the ransom.

FlashUNC
08-03-2020, 10:35 AM
There's been almost no other hacks like this Garmin one... Twitter & Facebook have never been hacked like this.

The amount of downtime/damage Garmin had here is more like the NSA + IDF attacking the Iranian nuclear program.

To take everything down including phone systems, data centers, servers, etc, etc.. it would have taken a multi-prong approach that was way more sophisticated.

The only way it was just Wasted Locker is if Garmin's setup is so incompetent & homogenous it's unimaginable to me.

After using Garmin's software for years as an end-user (Hello Garmin Connect) I can absolutely believe their back-end IT was similarly awful. If what they put in front of paying customers was garbage, I can only imagine what their in-house stuff was like.

benb
08-03-2020, 10:43 AM
After using Garmin's software for years as an end-user (Hello Garmin Connect) I can absolutely believe their back-end IT was similarly awful. If what they put in front of paying customers was garbage, I can only imagine what their in-house stuff was like.

Wasted Locker is windows malware the only way it can take down everything is if the entire setup is that homogenous.

Maybe if you work in small businesses outside of tech or something it is conceivable that you can see your whole office running on windows, with backups on windows, your website is hosted on some windows server in the corner, etc.. the phones are some windows solution that plugs into a USB port on a windows machine, etc...

It's almost inconceivable a place like Garmin could be like that... they are a large hardware + software OEM. You literally cannot do what they do with a setup that basic and homogenous.

Windows Malware just doesn't do anything to non-windows stuff.

The problems that you have to solve to design & build GPS units & all the software that runs on them and a giant cloud platform that handles hundreds of thousands of users concurrently are just incredibly different than running a law firm or accounting firm or something like that... the variety and sophistication of computer systems you need is incredibly different.

If they were that incompetent they would have failed at their business so long ago this wouldn't even be a story. The whole thing collapses because of your own internal incompetence.

Charles M
08-03-2020, 10:43 AM
Any good kidnapper will hand back the kid if paid... It's a good business for these folks. Shame they couldn't find another way.

PaMtbRider
08-03-2020, 11:10 AM
Our IT department sends out sporadic phishing emails. If an employee responds to it they have to sit through more training.

Cantdog
08-03-2020, 11:18 AM
What the heck is our NSA doing? This is such massive exposure to US companies (Garmin is a large MIL provider and of course airlines). Just firing a bunch of people and setting up new corporate policies won't work - all they need is one key in.


Spying on citizens?

FlashUNC
08-03-2020, 11:21 AM
Wasted Locker is windows malware the only way it can take down everything is if the entire setup is that homogenous.

Maybe if you work in small businesses outside of tech or something it is conceivable that you can see your whole office running on windows, with backups on windows, your website is hosted on some windows server in the corner, etc.. the phones are some windows solution that plugs into a USB port on a windows machine, etc...

It's almost inconceivable a place like Garmin could be like that... they are a large hardware + software OEM. You literally cannot do what they do with a setup that basic and homogenous.

Windows Malware just doesn't do anything to non-windows stuff.

The problems that you have to solve to design & build GPS units & all the software that runs on them and a giant cloud platform that handles hundreds of thousands of users concurrently are just incredibly different than running a law firm or accounting firm or something like that... the variety and sophistication of computer systems you need is incredibly different.

If they were that incompetent they would have failed at their business so long ago this wouldn't even be a story. The whole thing collapses because of your own internal incompetence.

These are the same folks who told a regular fellow Saturday club ride attendee, when warrantying his third set of Vector power pedals in six months, that the faulty spring in the battery compartment that provides tension for contact was improperly designed and "yeah, they just stop working sooner or later."

This crew can't get a two cent spring right in their marquee power pedal, I can only imagine the kind of IT infrastructure they've got.

robt57
08-03-2020, 11:33 AM
Johnny Dangerously:

"Don't forget, crime doesn't pay... Well, it paid a little!"

unterhausen
08-03-2020, 11:56 AM
The people with experience in this field that are saying Garmin couldn't have been 100% windows have apparently never owned a garmin product. Because I find it believable.

BobbyJones
08-03-2020, 12:08 PM
Every tech company I have worked at, these trainings have been mandatory for all employees, not just for those with exclusive network access. I've been doing digital project management stuff for a while now and dealt with large clients like Wells Fargo, Pfizer, etc. and I'm still never surprised by anything that comes across my desk. Reason: Marketing gets the budget, IT gets the scraps.

And Compliance has to fight it out with both!

reuben
08-03-2020, 12:14 PM
What the heck is our NSA doing?

Quite a lot, actually. Just because they alert corporations and other government agencies of vulnerabilities doesn't mean that those corporations or agencies patch the holes. As noted elsewhere in this thread, it costs time and money. Management makes decisions regarding priorities and spending. Sometimes those decisions backfire.

The President is well known to use an unsecured (not hardened) iPhone, but who can make him change?

Since then, we've spent a large sum trying to keep our system free from outside hacking. Nearly every consultant we've engaged has said there's little way to fully prevent it, and it's better to put resources into developing a parallel system and backing up data frequently. Given hacks of Twitter, Facebook and even Garmin, it seems they're correct, that no system is impenetrable.

This is true. Stay up to date, create backups in other offline areas.

benb
08-03-2020, 12:22 PM
The people with experience in this field that are saying Garmin couldn't have been 100% windows have apparently never owned a garmin product. Because I find it believable.

Never speak in absolutes.

Garmin ships iOS software and Mac Software, therefore it is incredibly unlikely they're 100% windows as there's nothing but extreme fringe options for developing software for Apple platforms without developing on Macs.

Also it's completely obvious from job postings that they run Connect in Microsoft's Azure cloud platform, most likely in containers... that is windows but it's not going to be affected by this kind of Ransomware stuff or it would be all over the news in a way bigger way as massive swaths of companies would be down.

On top of that if Connect is in Azure in a containerized setup it would take minutes, not even hours to restart the whole thing and erase everything hackers did. That's just the way cloud deployments work. You typically would have to go out of your way as an IT shop to defeat the multiple layers of security those platforms start with. You start out opening an Account and Amazon/Google/Microsoft has already applied rings of security to your setup before you even start.

Most of Garmin's quality issues have to do with them having WAY too many models IMO. The number of different models they have to keep working is totally insane. After all these years they are still in the same situation as say Samsung and still can't grasp that Apple's model is the one that works. A very small # of devices that you concentrate on and polish till they work exceptionally well has completely defeated the model of vomiting an ever increasing # of models out on the market that you never get working right and abandon and hope the users just shovel out for the next one.

Ransomware could be part of what happened but it just has to be a very small part of a larger attack to have accomplished what happened.

I'd believe there were inside IT employees paid by the Russian hacking group or a sophisticated social engineering attack to help sabotage the company from within before I'd believe the news stories here that try to pin the whole thing on a single malware attack.

The recent twitter hack that was so spectacular was social engineering.. literally the hacker calling into the company impersonating an employee to get the ball rolling. Those are far more deadly than ransomware when it comes to these big corporate hacks.

NYCfixie
08-03-2020, 12:36 PM
These articles are fun but as I said in the other threads they are just wild fun speculation from cycling journalists with little knowledge of computer systems or networks.


I also mentioned speculation earlier in this thread and I am glad more techies like myself are responding. For those not in the IT industry, one can see a theme in the posts from IT people:

- Anything you are currently reading is probably pure speculation
- You will not ever know the full story unless Garmin decides to have a 3rd party investigation and they release the full results
- It is unlikely 1 piece of ransomware/malware/etc. took down an entire company
- Backups/Disaster Recovery Plans/Hot Sites/Redundancy all depends on how they are set up and are not a panacea for all attacks
- Training end users is helpful but only part of a larger defensive plan

So, if you like Garmin products then continue to use them but continuing a conversation about what might have happened when nobody on this forum, or in the media, appears to have real information about the attack seems pointless IMHO.

Bostic
08-03-2020, 12:52 PM
I'm the IT Manager for the Company I work for. I work closely with our Head of Security and all hires have to watch the mandatory Security Awareness training. I verify all of them have multi-factor authentication enabled for their accounts. It's a work in progress to get everything locked behind 2FA but the more the better. I also don't want users going with Approve/Deny versus having to manually enter in the 6 digit code. Yes it's slower but it's more secure and you would be surprised at the number of users that will just click Approve on their mobile phone even though they were not the one who initiated the request.

We will never know the extent of how bad it was with Garmin. From various sysadmin forums I frequent, the backups were encrypted as well. So unless you have cold backups that are written to then taken offline you are out of luck. Even then, the amount of time to restore is nothing trivial.

In my previous company there was so much bureaucracy, siloing between teams and levels of Management that everything fell upon deaf ears or was simply flat-out ignored. "We don't have time for this or it's not in the budget or it can't possibly happen to us." This company also forced a 1.5 hour video with only 3 questions at the very end with passing being 80% so if you missed one you had to re-watch the entire thing all over again. No way to skip through or run at 2X speed. That was probably the most vocal I have ever had end-users storm over and vent. Hey, I had to watch the same thing, part of being the small company gobbled up in an acquisition.

GregL
08-03-2020, 01:27 PM
I'm the IT Manager for the Company I work for. I work closely with our Head of Security and all hires have to watch the mandatory Security Awareness training. I verify all of them have multi-factor authentication enabled for their accounts. It's a work in progress to get everything locked behind 2FA but the more the better. I also don't want users going with Approve/Deny versus having to manually enter in the 6 digit code. Yes it's slower but it's more secure and you would be surprised at the number of users that will just click Approve on their mobile phone even though they were not the one who initiated the request.
This is great advice not only for the workplace, but for personal cyber security as well. I have multi-factor authentication set up for all my personal financial accounts. One time codes for electronic access and a verbal code for phone or in-person access. I was one of millions caught up in the Office of Personnel Management data breach in 2014-2015. I'll never know for sure if my information was being used for criminal purposes, but I strongly suspect it was. My company-sponsored retirement account was nearly compromised. Only my noticing an e-mail about account activity and the suspicion of a customer service rep at the financial institution stopped a thief from walking off with the majority of my retirement savings. When it comes to cyber security, it pays to be paranoid.

Greg

kingpin75s
08-03-2020, 01:33 PM
What is this based on? From a report? From your own experience?

IME, there are very few (not many as you suggested) companies that do this type of broad and deep training and testing for non-IT employees. At-best, it is once a year or at time of hiring and thus simply not enough.

I can speak to this based on experience. Companies are getting on board with this now more than ever. The past 5 years has seen huge growth in the Cyber area and it is now not uncommon for companies to have even monthly Phishing simulations as end users are generally the weakest link. All employees with computer email access are part of the program.

kingpin75s
08-03-2020, 01:36 PM
My understanding is that it infects the backups. The process is to gain admin level control first, generally through social engineering.

This is why tape based offsite backups are not going away. Air gap. Disk based systems with replication offsite can still be at risk as you stated.
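
An added example for the backup point raised by mcteague and kingpin75s (editor-supplied illustration, not code from any poster or from Garmin): before restoring from a copy that sat on a reachable share, check it against a hash manifest that was signed at backup time with a key kept on the offline side. Ransomware that rewrites files in place, renames them with a new extension, or drops a note shows up as mismatches, and an attacker who regenerates the manifest without the key fails the HMAC check. The directory layout, file names and key are all constructed for the example.

```python
import hashlib
import hmac
import json
import os
import tempfile

# Assumption: this key is stored with the offline/air-gapped copy, never on the
# hosts being backed up, so malware that reaches the backup share cannot re-sign.
MANIFEST_KEY = b"example-offline-manifest-key"


def file_sha256(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def list_files(root):
    """Relative paths of every file under root, forward-slash separated."""
    out = set()
    for dirpath, _, names in os.walk(root):
        for n in names:
            rel = os.path.relpath(os.path.join(dirpath, n), root)
            out.add(rel.replace(os.sep, "/"))
    return out


def build_manifest(root, key):
    """Hash every file and HMAC the hash list so later edits to it are detectable."""
    entries = {rel: file_sha256(os.path.join(root, rel)) for rel in sorted(list_files(root))}
    body = json.dumps(entries, sort_keys=True).encode()
    return {"entries": entries, "hmac": hmac.new(key, body, hashlib.sha256).hexdigest()}


def verify_backup(root, manifest, key):
    """Return (ok, problems). Fails closed if the manifest itself does not verify."""
    body = json.dumps(manifest["entries"], sort_keys=True).encode()
    expected = hmac.new(key, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, manifest["hmac"]):
        return False, ["manifest: HMAC mismatch (manifest altered or wrong key)"]
    problems = []
    for rel, digest in manifest["entries"].items():
        path = os.path.join(root, rel)
        if not os.path.isfile(path):
            problems.append("missing: " + rel)
        elif file_sha256(path) != digest:
            problems.append("modified: " + rel)
    for rel in sorted(list_files(root) - set(manifest["entries"])):
        problems.append("unexpected: " + rel)
    return not problems, problems


def _write(root, rel, data):
    path = os.path.join(root, rel)
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "wb") as f:
        f.write(data)


def demo():
    """Constructed scenario: a clean set, the same set after a ransomware-style
    pass (one file rewritten, one renamed, a note dropped), then a forged manifest."""
    with tempfile.TemporaryDirectory() as root:
        _write(root, "finance/ledger.csv", b"date,amount\n2020-08-03,10.00\n")
        _write(root, "hr/roster.txt", b"alice\nbob\n")
        manifest = build_manifest(root, MANIFEST_KEY)
        clean_ok, _ = verify_backup(root, manifest, MANIFEST_KEY)

        _write(root, "finance/ledger.csv", os.urandom(64))           # encrypted in place
        os.rename(os.path.join(root, "hr/roster.txt"),
                  os.path.join(root, "hr/roster.txt.locked"))         # renamed
        _write(root, "README.txt", b"your files are encrypted\n")     # ransom note
        after_ok, problems = verify_backup(root, manifest, MANIFEST_KEY)

        # Re-signing the manifest without the offline key does not pass.
        forged = build_manifest(root, b"wrong-key")
        forged_ok, forged_problems = verify_backup(root, forged, MANIFEST_KEY)
    return {"clean_ok": clean_ok, "after_ok": after_ok, "problems": problems,
            "forged_ok": forged_ok, "forged_problems": forged_problems}


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

The check tells you which files to distrust before you restore, but it does not replace the offline copy itself: if the only copy is the one the malware could write to, the manifest only confirms the damage.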

buddybikes
08-03-2020, 01:48 PM
Let's hope Garmin's MIL controlled products were 100% segregated. (I work in trade compliance)

C40_guy
08-03-2020, 01:50 PM
continuing a conversation about what might have happened when nobody on this forum, or in the media, appears to have real information about the attack seems pointless IMHO.

What you describe represents about 80% of the text traffic on the internet :)

colker
08-03-2020, 02:09 PM
What you describe represents about 80% of the text traffic on the internet :)

The other 20% is food and abs pics

unterhausen
08-03-2020, 03:23 PM
I haven't quite gotten my fill of saying disparaging things about Garmin, TYVM

Although the 830 has revised my views somewhat.

wallymann
08-07-2020, 08:41 AM
apparently so, thru an intermediary.

https://www.insidehook.com/daily_brief/tech/garmin-ransomware-arete-ir-solution

verticaldoug
08-07-2020, 02:14 PM
I hope Treasury investigates and any American passport holders on the BOD get prosecuted by the DOJ.

They violated OFAC. Money is what greases the fraud. They need to be made an example of in much the same way Glencore is being made an example. I am not sure what the exchange should do, since even though it is a Swiss-domiciled corporate, it is listed on the US exchange.

AngryScientist
08-07-2020, 02:17 PM
apparently so, thru an intermediary.

https://www.insidehook.com/daily_brief/tech/garmin-ransomware-arete-ir-solution

i mean, you can't even make stuff like this up. i actually did laugh out loud when i read this bit:

The ransomware is believed to have originated with the Russia-based Evil Corp

wallymann
08-07-2020, 03:10 PM
i mean, you can't even make stuff like this up. i actually did laugh out loud when i read this bit:

https://img.cinemablend.com/filter:scale/quill/6/e/5/e/c/7/6e5ec745b2335d82ab37b3ccc0c95ce604d4e087.jpg?mw=600

C40_guy
08-07-2020, 03:35 PM
The other 20% is food and abs pics
Maybe your feed. Mine is full of puppies and kittens...and the occasional Italian racing bicycle... :)

buddybikes
08-07-2020, 04:24 PM
i mean, you can't even make stuff like this up. i actually did laugh out loud when i read this bit:

Don't think OFAC will agree that is an excuse.

gavingould
08-07-2020, 09:33 PM
as an IT (mostly support-side) guy, i just sigh.
seems likely the attackers had some access and privilege escalation going long before they rolled out the encryption for ransom.

if something is broken: "what are we paying IT for? they aren't doing anything!"
everything is working fine: "what are we paying IT for? they aren't doing anything!"

colker
08-07-2020, 09:42 PM
i mean, you can't even make stuff like this up. i actually did laugh out loud when i read this bit:

Did they send a note signed "Evil Corporation"...? Unbelievable.

oldpotatoe
08-08-2020, 07:11 AM
I hope Treasury investigates and any American passport holders on the BOD get prosecuted by the DOJ.
Righto..russian company..

NYCfixie
08-08-2020, 08:10 AM
if something is broken: "what are we paying IT for? they aren't doing anything!"
everything is working fine: "what are we paying IT for? they aren't doing anything!"

You have summarized the past 25 years of my professional life.

reuben
08-08-2020, 08:19 AM
if something is broken: "what are we paying IT for? they aren't doing anything!"
everything is working fine: "what are we paying IT for? they aren't doing anything!"

Ha! I've long said that IT and QA are in the same boat.

Things are good: "What the heck do you do all day?"
Things are bad: "WHAT THE HECK DO YOU DO ALL DAY?!?!"

verticaldoug
08-08-2020, 07:05 PM
Righto..russian company..

GARMIN violated US law by paying since Evil Corp is on the OFAC list. It's Garmin's BOD and senior management I want to see prosecuted and imprisoned.

Putting a proxy in the middle doesn't solve the issue, and it looks like Arete is a US company based in NYC anyway.

peanutgallery
08-08-2020, 07:48 PM
So....what else are you gonna do? Plus, they have great customer service

GARMIN violated US law by paying since Evil Corp is on the OFAC list. It's Garmin's BOD and senior management I want to see prosecuted and imprisoned.

Putting a proxy in the middle doesn't solve the issue, and it looks like Arete is a US company based in NYC anyway.

AngryScientist
08-08-2020, 07:59 PM
Plus, they have great customer service

Garmin; or Evil Corp?

peanutgallery
08-08-2020, 08:24 PM
Evil Corp...goes without saying:)

Garmin; or Evil Corp?

Mark McM
08-08-2020, 08:26 PM
Garmin; or Evil Corp?

Well, couldn't have meant Garmin, so he probably was referring to Evil Corp:

https://www.cnet.com/news/ransomware-goes-pro-customer-service-google-25-million-black-hat/

Instead of working as criminals, ransomware attackers are treating their victims as "customers" and bringing in support staff to deal with their "sales." Yes, just like how your phone providers and banks have customer service, now, so does ransomware.

Elefantino
08-08-2020, 08:27 PM
GARMIN violated US law by paying since Evil Corp is on the OFAC list. It's Garmin's BOD and senior management I want to see prosecuted and imprisoned.
Companies and individuals pay ransoms all the time in spite of U.S. law, mostly through third parties.

The "we don't negotiate with terrorists" line is a canard. We do. All the time. Ask the FBI.

buddybikes
08-08-2020, 09:34 PM
As I mentioned earlier in the thread, Garmin makes national security equipment controlled by the US State Dept, Directorate of Defense Trade Controls. Let's hope these servers were not compromised.

This is a significant story, and I haven't heard boo about it in the news.

peanutgallery
08-08-2020, 09:42 PM
Was raised to worry about the Russians, been struggling with the last 30 years or so

As I mentioned earlier in the thread, Garmin makes national security equipment controlled by the US State Dept, Directorate of Defense Trade Controls. Let's hope these servers were not compromised.

This is a significant story, and I haven't heard boo about it in the news.

colker
08-08-2020, 09:53 PM
garmin; or evil corp?

lol. "Evil Corporation. May I help you?"

thirdgenbird
08-12-2020, 06:03 PM
It appears Canon is up to bat.