Garmin Hit By Ransomware Attack
Garmin servers are down due to a ransomware attack. The company is currently planning a multi-day maintenance window to deal with the attack's aftermath, which includes shutting down its official website, the Garmin Connect user data-syncing service, Garmin's aviation database services, and even some production lines in Asia. (www.zdnet.com)
Something that I find very strange: in this era of high-tech ways to do things computer related, these people cannot be found. Seems it's almost like it's within some part of the industry that is allowing it to happen for some reason.
Hacks get just as sophisticated every day, but ransomware attacks usually involve some form of social engineering, and that's usually where the weak point comes in - humans.
Example - I send a phishing email to all Garmin staff members with a bogus claim that they have an unauthorized transaction on their Bank of America account and they should click to confirm it. Out of all the staff members, someone must bank with BOA and someone might be careless not to see who the sender of the email really is. As much as they teach you to be aware of phishing scams, someone falls for the trap, clicks the link, which then opens up a possibility of downloading malicious software inside Garmin's internal network.
Now the hackers have tunneled their way in and can do whatever they want because they've made it inside, making it much easier to carry out simpler attacks rather than trying to do so from the outside which has more defenses. The ransomware could then be as basic as encrypting all files on a computer with the request of paying X amt of bitcoins in return for their files (which might be critical to their job etc.).
An even bigger problem than finding them is prosecuting them. The perpetrators are usually located in countries that will not extradite them, and as long as they don’t attack systems in the country that they are located in, they are free to continue what they are doing.
You are correct but the solution is to identify and then put a bounty on them. When two or three turn up at room temperature the lure of this scam will be diminished. Understand some of them are in full employ to their host government or members of it and most of them can be shut down economically as well.
If international criminals are hiding in other countries, there should be a bounty on them, "dead or alive", or they should be removed by covert teams and brought back to justice.
These attacks are not usually from single individuals, but an orchestrated network spread across the globe. Finding the main cell leader and eliminating him just leads to another cell popping up days later.
This particular attack is said to have been the work of Evil Corp. It is Russian-based, spread across the globe, and its "leader" was already indicted...but it sprang up again.
https://www.wired.com/story/alleged-russian-hacker-evil-corp-indicted/
I agree.. but easier said than done... Besides... in America, we usually do not hire Mercenaries.. At least not in the public's eye!
Finding them is easy... Track IP address, and they identify themselves and even tell you where to send the payment... The problem is they are in 3rd world countries and you cannot touch them... They are protected where they are at... Real shame. In reality, I would love to find them and cut their... (Well You Know...) off!
Not that easy, sparkie. Remember watching those TV shows where the signal bounces and cannot be traced?...It actually happens more times than not.
The thing here is they tell you where to send the money and a sample file to get the fix and to let you know how much money to send.
"Where to send the money" is usually a Bitcoin wallet. Good luck tracing that.