This article is based on an article from the Japanese edition of Engadget and was created using the translation tool Deepl.
At the end of July, Garmin suffered a system outage caused by a cyber-attack, and it has come to light that the company has paid millions of dollars in ransom to the perpetrators to resolve the situation.
The system outage was reported early on to be an attack by a ransomware called WastedLocker. The ransomware encrypts files to make them unavailable, and then forces people to pay a ransom to restore them.
It is unclear who was behind the attack and whether a ransom was actually paid, but Sky News reports that the ransom was paid via Arete IR, a specialist incident response company.
The ransomware WastedLocker, which was allegedly used in this case, is suspected to involve the Russian hacker group Evil Corp, which is sanctioned by the U.S. Treasury Department. U.S. companies and individuals are prohibited from doing business with it.
Therefore, if they did indeed pay the ransom, they could pursue the matter, even if not directly. However, the day after the cyberattack on Garmin, Arete IR released an investigation that found that Evil Corp was not involved in WastedLocker.
WastedLocker is a new variant of #ransomware that was initially reported in May and is rumored to have come from the "Evil Corp" group. In this insight, we discuss the four main reasons why Arete experts determined this theory to be inconclusive. (https://t.co/fZUmHCXMMn) pic.twitter.com/hvdMNEEVpe— Arete Incident Response (@Arete_Advisors) July 24, 2020
Due to the timing, it is believed that the company had already been asked by Garmin at this point, but the company said it could not reveal details due to its contractual obligation of confidentiality.
source: Sky News
This article is based on an article from the Japanese edition of Engadget and was created using the translation tool Deepl. The Japanese edition of Engadget does not guarantee the accuracy or reliability of this article.