Garmin systems return to normal, as questions arise whether the $10 million ransom was paid

Garmin Edge 1030 and accessories (Image credit: Josh Ross)

After last week's reports that Garmin was the subject of a ransomware attack by WastedLocker, Garmin has issued a statement confirming its systems were subject to a 'cyber attack', but announces that it expects "to return to normal operation over the next few days."

The malware affected more than just cycling services such as Strava uploads, with Garmin's automotive and aviation departments also seeing outages, but the Garmin System Status page confirms that its services are beginning to return to full capacity, showing a mix of 'online' and 'limited' across its various services.

To view the statement, or for answers to frequently asked questions, head to Garmin.


In its statement, Garmin fails to confirm the exact nature of the cyber attack and makes no mention of ransomware. In the days since the outage began, it was widely reported that anonymous sources from within the company admitted WastedLocker ransomware to be the cause. 

We previously reported that rides are beginning to re-sync with Strava, but in the days since, speculation has been building among news and tech publications as to how Garmin has resolved the problems. 

According to a press release from December 2019, Evil Corp, the Russia-based group behind the hack, was hit with sanctions by the US Treasury. The press release states: "U.S. persons are generally prohibited from engaging in transactions with [Evil Corp]", which essentially means it would be illegal for Garmin to have paid the ransom.

An article from Sky News explains that Garmin has obtained the decryption key; however, the article uses interesting wording: "Sources with knowledge of the Garmin incident who spoke to Sky News on the condition of anonymity said that the company - an American multinational which is publicly listed on the NASDAQ - did not directly make a payment to the hackers."

Forbes has since speculated that the $10 million could be a tax-deductible expense, and experts speaking to The Times explained that Garmin 'must have' paid the ransom.

Beyond the obvious legal implications, the wider consideration at hand is whether paying a ransom would open up Garmin to other opportunistic hackers who come to see the American brand as an easy target. While the company vehemently denies that any sensitive data was breached, if the brand does become a target for future attacks, customers may not be so lucky next time. 

Cyclingnews has reached out to Garmin for clarification but is yet to receive a reply.
