Update 7/26: Garmin broke the silence to indicate TechRadar to a short question and answer, where he tries to calm fears compromised user data. Multiple outlets have talked to people who claim to have direct knowledge of the attack on Garmin systems, with strong rumors suggesting at this point that the termination is a ransomware attack that has blocked user data and requires paymrnt to unlock the files, but did not steal them.
On Wednesday, with its call to financial profits, the brand will have to respond to the fall of Garmin Connect to reassure investors and consumers.
There is nothing worse than grabbing a personal best in a race or a cycle and then discovering that you cannot boast about it in the world.OK, there are many worse things – and in reality that kind of behavior is probably not healthy – but for those of us in denial, Garmin’s recent termination is something that is causing a lot of dismay.
Since July 23, the fitness brand has suffered from a lack of connectivity, which was originally due to “maintenance”. This means anyone trying to load a run, swim, ride a bike, a yoga session or any type of fitness training on Garmin Connect the service is unable to do this.
Initially, Garmin was silent, sending only a single Tweet:
This outage also affects our call centers and we are currently unable to receive calls, e-mails or online chats. We are working to resolve the problem as quickly as possible and apologize for the inconvenience. (2/2)July 23, 2020
TechRadar spoke to the brand and although I haven’t shared any further details, there is a new Garmin statement that sheds some light.
“Garmin is currently experiencing an outage affecting Garmin services including Garmin Connect and Garmin Pilot. Following the outage, some features and services on these platforms are not available to customers. In addition, our support call centers products are affected by the outage and as a result we are currently unable to receive calls, e-mails or online chats.
“We are working to restore our systems as quickly as possible and apologize for the inconvenience. Further updates will be provided as soon as available.”
The brand directed TechRadar to short questions and answers on how Garmin Connect does not work did not affect user data – with the primary response to data from affected users offering maximum comfort to users:
We will update this article when and when new information becomes available.
What is really going on?
While maintenance is often scheduled for quiet hours to allow the company to update key services, an outage of this length is almost certainly something much more serious – and a report of ZDNet states that “several Garmin employees used social media to share the details of the attack, defining them all at ransomware attack”.
BleepingComputer says that first-hand sources with knowledge of the matter have confirmed that it is a ransomware attack, which blocks parts of the Garmin system.
The same site now provides much more detail on the reported ransomware attack: according to screenshots allegedly from Garmin employees, the files are locked with the title “GarminWasted” and ransom amounts are required to unlock each one.
If Garmin pays this amount – the implications of paying for the ransomware are strongly debated by law enforcement agencies around the world – has yet to be seen. There is also the fact that 33 percent of organizations do not recover their files, according to research by Trend Micro.
What has not been confirmed is if Garmin has backup systems that it can migrate to if these reports are true. If a company is infected with ransomware, the best action is to use a copy of the servers in another location and shut down the infected system.
According to the source BleepingComputer above, Garmin shuts down its devices in a data center to prevent them from being encrypted. However, it is important to note that Garmin has not confirmed that ransomware is causing the crash and that the Connect app says “Sorry, we are awaiting maintenance. Please check back soon.”
The same article by ZDNet quotes a report from the Taiwan tech site Ithome, who claims that a reminder has been sent to Garmin’s Taiwanese manufacturing facilities stating that “servers and databases” have been attacked and that production lines have been shut down for two days for maintenance.
The pilot software and the navigation database, flyGarmin, used for Garmin navigation systems, also led to some planes reportedly ashore – but the declaration on the flyGarmin status page has been modified to suggest restoring some areas of Garmin systems:
“We are currently experiencing an outage affecting our call centers and are currently not available to receive emails or chats, but we have limited call availability. We are working to resolve the issue as quickly as possible and apologize for the inconvenience.
“Our services are operational and we are monitoring them at this point. ”
Whether this is indicative of the wider Garmin platform returning online remains to be seen, but Garmin is likely to prioritize its navigation systems over personal fitness.
Readers contacted TechRadar with their experiences, with a user who told us: “Garmin Golf does not work, the app cannot be used on a smartphone, therefore no golf map or GPS and the app cannot be used Golf GPS on a watch because it can’t connect to Connect. ”
While Garmin is not confirming the reason behind the interruption, which means that it is still speculation that this problem is due to nefarious intentions, there is clearly a problem that the company is working with to deal with since the saga shows no sign reduction after several days of problems.
Problems are also occurring in larger places. Strava data shows that there hasn’t been any uploading activity to the site since Garmin Connect since July 23 – with overall Strava uploads dropping by more than a third at that time, meaning that this issue also affects services of third parties.
We have contacted Garmin for a statement and will update this article if we have more information.
Is my data safe?
Some sites speculate that historical data is missing from the Connect database, which understandably leads to concerns that user data has been compromised.
However, at this point it was not suggested that the sensitive information was taken by the hackers – Garmin confirmed that there is no “indication” of the interruption of the data, including activity, payment or personal information.
A recent TechCrunch report, who spoke to two sources claiming to have “direct knowledge of the accident”, says that this attack was caused by WastedLocker ransomware. The report claims that this ransomware, according to security researchers Malwarebytes, does not appear to be able to steal or extract data from locked files.
This means that if Garmin has backed up his data – and the fact that flyGarmin is returning online suggests that he might – then he should be able to bring systems back online without worrying about the data being stolen – however, this has not yet been confirmed by Garmin.
We will update this article if we find more information if some data, be they profiles or physiological, have been compromised.
In less worrying thoughts, your daily data will be saved on your watch, whether it’s your body’s battery, stress levels or daily step count, seeing that when the service returns, data will still be possible.
When the service returns, all this data will be reported in the Connect app so you can see everything that happened physiologically.
But how can I upload to Strava?
If you’re desperate to get your data from your watch on Strava or similar platforms (to get recognition for the Friday race to the shops and back … or maybe a 200-mile bike ride), you can still do it manually.
You will need to get the cable you use to charge the device and connect it to the computer. For most devices, it will appear as an accessible drive (in the case of Windows) or in the Finder (for Mac).
Open the device, click on the “Garmin” folder and go to “Activities”. Here you will find your fitness workouts as “.IT” files: they may be listed from the oldest to the most recent, so look for one with a recent date and save it on the desktop.
(If you have a newer watch with music storage capacity, it will be shown as a “primary” device. Click this, then follow the same options above.)
Once you have your relevant .FIT files, go to Strava.com on your browser, log in and press the ‘+’ icon in the upper right corner. Select “Upload Task”, then choose “Upload File” on the left side of the next screen.
From here, simply go to the desktop (or watch Garmin directly if you feel fancy and have decided not to copy the files) and click on the correct files. If these are new activities (as in, you have not already accidentally uploaded them), they will be processed and you can enter information about your training normally.
So watch as the compliments arrive, as most of your friends scratch their heads about getting their races online.
(If you would like more information on how to upload your rides to other devices, including discussions on how to remove older ones, ANT + enabled devices, DC Rainmaker has an excellent guide for checking out).
What is the Internet saying?
Whenever a large company is experiencing problems, or a service that many rely on, it ceases, Twitter is invariably invaded by “peek” shots and comedies about the problem – and this is no different:
Garmin at the moment pic.twitter.com/o25JRtCtquJuly 24, 2020
No sign of the criminal who shot Garmin down. Apparently it has ransomware 😐 #ukrunchat pic.twitter.com/0sm7xGuLTjJuly 24, 2020
Strava when Garmin fixes its servers and all activities affect pic.twitter.com/GwWxyFW8bc simultaneouslyJuly 24, 2020
Wow. With Garmin down, the dinosaurs are finally back in Strava. The app is healing, we are the virus. #Garmin #garminoutage pic.twitter.com/ADQ4wIpFXLJuly 24, 2020