#1
Garmin paid the ransom
Or so it would appear.
https://cyclingtips.com/2020/08/repo...-to-hackers-2/ Seems as though it had no choice.
__________________
©2004 The Elefantino Corp. All rights reserved.
#2
Evil Corp
Supposedly...a Putin "friend". Get used to it, this is going to be a thing. The guys with the pocket protectors are letting us down.
#3
What? No regular backups? Did they let employees store files on local hard drives? Most likely failed to do regular updates as well. I worked in the IT dept of a hospital that was hit a couple of years ago. It was hell for a couple of weeks and we had to re-image a lot of PCs. They did regular backups of data which was stored off-site each day. Some folks did save to their local drives and much of that was gone as the ransom was not paid. After that, local saving was prohibited and if you tried the data was put on a network share.
Tim
#4
My understanding is that it infects the backups. The process is to gain admin level control first, generally through social engineering.
#5
I haven't read the article yet, but if it turns out they did in fact go through sketchy channels and did pay the ransom - and not recover on their own terms - that tells me they are completely screwed up over there and heads should roll at the highest levels for both getting into this and the lack of a good response plan.
I am generally a Garmin fan, but this disappoints me.
__________________
http://less-than-epic.blogspot.com/
#6
Quote:
I am a Garmin user and I agree this is very disappointing. People should lose their job. I really find it hard to believe that they may have thought they were ready for something like a ransomware or maybe they were just over confident that "nobody would want our stuff". Having been in the IT industry a long time, you cannot be overly confident about any of this stuff. Management has to make it known that routine security/software updates are mandated. Sermon over
#7
Quote:
__________________
Chisholm's Custom Wheels Qui Si Parla Campagnolo
#8
Quote:
Quote:
I am a 25+ year IT industry veteran (with the past several in information and cybersecurity) and as you probably already know, it is often management who refuses to listen about the need for stronger controls or is willing to pay for them. Everything is a cost-benefit analysis and Garmin may not have originally considered this type of attack a serious threat and/or worth paying to protect against it. For now, this is all speculation. If they ever do a full investigation and release the results we will know the full truth.
Last edited by NYCfixie; 08-03-2020 at 07:40 AM.
#9
LOL! Never happen. Accountability? A leader once said "You can't handle the truth!"
#10
Quote:
Sometimes publicly traded companies are forced into full disclosure but it often happens weeks/months/years later (i.e. Equifax breach). Heads will roll but it is often not those who actually deserve it.
#11
Same thing happened to our company, about five years ago. Russian company hacked and shut down entire system, demanding ransom. After looking for other options for a couple weeks, we gave up, paid ransom and were back in service shortly after. Strangely, this is a 'gentleman's pursuit', of sorts, and there's an 'honor code', where they provide very good customer service to get system restored and operating, once ransom is paid. Without good customer service after the ransom payment, they understand their business model would fail and no one would pay. They were quite professional and the level of customer service was high, after the ransom was paid.
Since, we've spent a large sum trying to keep our system free from outside hacking. Nearly every consultant we've engaged has said there's little way to fully prevent it, and it's better to put resources into developing a parallel system and backing up data frequently. Given hacks of Twitter, Facebook and even Garmin, it seems they're correct, that no system is impenetrable.
#12
Quote:
Target (dept store) 55M or so affected, through back door in HVAC system. Garmin may have been / most likely have been through 3rd party/partner network(s). My own company 3x all because of Sr Management NOT paying attention to IT protocol. (to echo the above, probably not direct IT)
#13
Isn't this (supposed to be) standard IT protocol?
Covers the rare occasion of a foreign hack and the MUCH HIGHER probability of employee incompetence totally screwing up one of your DB.
#14
From what I understand, this is a not-so-new norm of sorts- companies pay the ransom. The choice is clear if the goal is to limit losses and damage, which amounts to getting up and running as soon as possible. I would guess the entities behind these attacks would do a cost-benefit analysis and have priced the ransom amount accordingly. It's the cost of doing business, and even the most sophisticated security is vulnerable to attack.
The social engineering, or human hacking aspect that unterhousen mentioned is particularly interesting, and accounts for a surprising percentage of the security breaches. And these are tech-savvy people who are being compromised. The thinking that only gullible or ignorant people are susceptible has probably resulted in companies being slow to recognize this as a very real threat.
#15
Quote:
Greg