Garmin is a company that offers a variety of products that integrate GPS. As a result of ransomware, its entire network was taken offline. The incident occurred last week. Garmin had to pay a ransom in crypto, Bitcoin or Monero.
$10 million to recover the data
The information was published by Garmin itself through a press release. Thus, on 23 July, part of Garmin’s data was deciphered, putting the entire network at risk.
According to several sources, it would appear that this attack was the work of a group of Russian hackers already known: Evil Corp. They would have used the WastedLocker ransomware.
To succeed in decrypting the data, Evil Corp has demanded a staggering ransom of 10 million dollars. Despite this, it would appear that the criminals did not have access to the user data, which therefore remained intact.
With Garmin announcing an imminent resumption of its services, there is every indication that the company was able to pay the ransom and as is often the case in this type of situation, Bitcoin and Monero are preferred as crypto payment currencies.
But the case doesn’t end there…
The United States plans for sanctions
Last December, the US Treasury announced sanctions against Evil Corp for developing the Dridex malware and for aiding the Russian state in attacks against Western companies.
As a result, Garmin will no longer be able to collaborate with the organizations targeted by these sanctions. If the company has actually paid the $10 million ransom, it is also exposed to legal reprisals.
According to sources close to the case, Garmin did not pay the ransom directly and probably went through a third party company. However, this will not prevent legal action.
“Foreign persons may be subject to secondary sanctions for knowingly facilitating one or more significant transactions with these designated persons. “U.S. law
The outcome of this case is not yet known. Nevertheless, Garmin may have put himself in a difficult position. They were faced with a conundrum: pay and face sanctions… or lose all their sensitive data.