Garmin $10mil Ransom Carry Paper Map/Compass

WyoDoug

Well-known member
Joined
Apr 8, 2019
Messages
1,753
Location
Cheyenne, Wyoming
Let's say for sake of it and they paid ransom of $10M. What the decryption process does is damage data severely. But that is not the only thing. One thing they do is load so much spyware on your systems, you will never get rid of it except through wiping your hard drives, restoring both the systems and data and then installing antivirus and other software and investing more into hi-tech security systems. The most high profile example of ransomware attack is Baltimore City Government. BUT they paid over 17 million dollars recovering data when the ransom got dropped to $52,000. Prior examples had proven that more often than not, encrypted files remain encrypted even after paying the ransom. And the "encryption key" they send you often contains even more severe malware.
 

rustednuts

Active member
Joined
Apr 7, 2018
Messages
247
Correct. If they even send a valid key for decryption once you pay. Generally you send a file encrypted by them to be unlocked and sent back to you as a "proof of life" before you pay, but still no guarantees after that. Garmin probably runs more servers and VMs than most anyone on this forum has seen. Takes time to wipe,restore and test, especially if they had to pull from offsite or physical. Between backend/frontend and inter-connectivity with databases etc. it will surely be quite a process to get back to full functionality. Their IT staff is probably running on extremely little sleep through all this.
You know if you used kubernates you wouldn’t have this problem. I can hear the salesmen calling now.
 

JeffJ

Well-known member
Joined
Jul 23, 2019
Messages
770
Location
Missouri
Can't even stop numbers being spoofed, let alone track them back to India haha.
 

Trial153

Well-known member
Joined
Jan 4, 2016
Messages
1,942
Location
New York
Looks like it back up and running, I just logged in an switched to the unlimited plan
 

Wildabeast

Well-known member
Joined
Mar 11, 2020
Messages
676
Location
Park City, UT
The problem is you pay up you get hit again. I would not pay this ransom. Most large companies do daily backups and it is usually a matter of taking computers off-line and doing restorations.
Unless the malware laid dormant for several months replicating itself before shutting things down. Which is how a lot of them work. Then all of your backups are contaminated as well. You may be able to isolate it to certain files, but these things are getting pretty sophisticated - often deploying multiple attack vectors. You think you’ve isolated the infected file(s) only to find out after an incredibly expense restore that you did not get everything. I often compare it to cancer. Once you’ve got it, it’s really hard to get rid of it. Even when you think you have, it could come back at any time.

The weakest link in the chain is the end user. Be careful what you click on folks!
 

Wildabeast

Well-known member
Joined
Mar 11, 2020
Messages
676
Location
Park City, UT
I think this is very true. A good number of years ago I was quite surprised at how poorly a friend of mine could read a map. He is a smart guy but not with maps. The map was a block management map and I would have thought a child could have read it.
My kids make fun of me because I alway set my car navigation so that north is up. It’s the only way I know how to read maps and navigate! But the default on almost all car nav systems is that “up” is the direction you are heading. Set my way, my kids get confused as to whether they should turn left or right when heading south because it’s the opposite of what’s on the screen. To me, it’s intuitive that’s what you’d do. Just different experiences I guess. Probability doesn’t help that even in the days of paper maps, their mom had to turn the map in the direction she was heading to know which way to turn 🤷‍♂️
 

WyoDoug

Well-known member
Joined
Apr 8, 2019
Messages
1,753
Location
Cheyenne, Wyoming
Unless the malware laid dormant for several months replicating itself before shutting things down. Which is how a lot of them work. Then all of your backups are contaminated as well. You may be able to isolate it to certain files, but these things are getting pretty sophisticated - often deploying multiple attack vectors. You think you’ve isolated the infected file(s) only to find out after an incredibly expense restore that you did not get everything. I often compare it to cancer. Once you’ve got it, it’s really hard to get rid of it. Even when you think you have, it could come back at any time.

The weakest link in the chain is the end user. Be careful what you click on folks!
The way we do it with state employees is the ETS (our version of IT) wipes and formats drives and then reinstalls the operating system from original installs. Then that follows by installing the applications from original install disks. All the pictures, documents, data on the infected PC or server is lost permanently. Then the data from backups is scrubbed and that takes a long time an you usually get the last backup prior to the first known intrusion of the ransomware that passes integrity testing by the vendor we use. It takes about two weeks to bring database files back up and sometimes we have to bring in vendors to reinstall proprietary software which causes thousands of dollars. ETS does daily backups and they are stored offsite but they do not do backups of individual PCs. That is left to the employee to do which is rarely done.
 

Western Traveler1

Well-known member
Joined
Aug 18, 2017
Messages
559
Location
The Front Montana
Always carry a paper map and compass.
I was doing a delivery up to Anchorage and traveling the Inside Passage. The young tech savvy Mate was complaining because I was having him plot our position on a paper chart on the half-hour and mark the inlets as we passed by at 20 knots (We had redundant electronic nav systems running). Finally a course change was made at nightfall and I pointed at the electronic plotters. They indicated we were a half-mile inland as we traveled that channel. End of argument.
Unfortunately there is a growing segment of younger folks that put all their faith in electronics. They are unquestionably handy and convenient but bet ones life on it? Sometimes...
 
Last edited:

lastlight

Active member
Joined
Mar 30, 2018
Messages
205
Location
Northern California
Call me an ass but if you go into the woods with only relying on a GPS device and get lost you probably deserve that, especially in the lower 48. It would be good for you to scare the shit out of yourself and learn some basic outdoors skills. For the record my Inreach worked fine these past two weeks scouting wilderness :)
 

WyoDoug

Well-known member
Joined
Apr 8, 2019
Messages
1,753
Location
Cheyenne, Wyoming
I once got lost with a cheap GPS. Not far though. Took the wrong finger off the plateau where I was and ended up one ridge west of where camp was. Wasn't lost long once I recognized the area, but a ton of exercise climbing up the side of the ridge going to my camp. That was a steep climb too.
 

teej89

Well-known member
Joined
Oct 7, 2015
Messages
1,597
Location
West of the Rockies
I once got lost with a cheap GPS. Not far though. Took the wrong finger off the plateau where I was and ended up one ridge west of where camp was. Wasn't lost long once I recognized the area, but a ton of exercise climbing up the side of the ridge going to my camp. That was a steep climb too.
Do you work in IT? You sure seem to know a lot, good stuff!

My FIL's friend who owns a company they got hacked and all their files locked. They paid the ransom only to get another email saying thank you and here's the first PW to unlock your files, now it's 75k for the next key.
 

WyoDoug

Well-known member
Joined
Apr 8, 2019
Messages
1,753
Location
Cheyenne, Wyoming
Do you work in IT? You sure seem to know a lot, good stuff!

My FIL's friend who owns a company they got hacked and all their files locked. They paid the ransom only to get another email saying thank you and here's the first PW to unlock your files, now it's 75k for the next key.
I don't currently work in IT. Years ago I worked at Melco Industries in Colorado and wrote their databases in C++ and used some Oracle modules and worked under their IT manager. I do have a bachelors in computer science and was just short of my masters when I got bored with college and quit. However, my knowledge right now might be outdated because as you know hi-tech advances and changes every day.

I do know enough about these ransomware attacks because I studied them as part of my current job and in nearly all where the company paid a ransom, the data was not usable. It also gives them a backdoor back into your systems. Until you clean everything and install better anti-viral software, you are extremely vulnerable to new attacks. Odds are around 90% that your data at the minimum is damaged.
 
Top