Ransomware strikes Garmin for $10M

Feb 17, 2006
5,274
Lancer 27PS MCB Camp Pendleton KF6BL
... and dumb people. These people should not be allowed anywhere near a computer. I know that is mean, but it is the truth.
 
Oct 22, 2014
20,992
CAL 35 Cruiser #21 moored EVERETT WA
There goes the data, names, boat names, Active Captain accounts, the ransom is the tip of the iceberg for some of these attacks.
 
May 17, 2004
5,028
Beneteau Oceanis 37 Havre de Grace
ActiveCaptain still seems to be working as normal. Perhaps their servers and infrastructure weren’t folded in with Garmin’s services.
 
Feb 14, 2014
7,399
Hunter 430 Waveland, MS
I know Raymarine had taken steps to prevent hacking of their internal networks.

Many instruments are now wireless.

Who would want to be using Radar and Autopilot and have a Hacker take over control?

Web access via your instrumentation is always a risk.
Jim...
 
Jan 25, 2011
2,391
S2 11.0A Anacortes, WA
I know Raymarine had taken steps to prevent hacking of their internal networks.

Many instruments are now wireless.

Who would want to be using Radar and Autopilot and have a Hacker take over control?

Web access via your instrumentation is always a risk.
Jim...
How would this happen?
 

WayneH

Jan 22, 2008
1,039
Tartan 37 287 Pensacola, FL
I've got WiFi built into my B&G Vulcan 7 Chartplotter. One of the features you can not do from the repeater display is to change the autopilot heading. The wife asked why not? I replied, Imagine going through the south flood gate in New Orleans and someone activating your autopilot.

The last time I was through that gate there was a 180° magnetic deviation in the middle of the gate. :yikes:

I'm not a techno geek but if they can hijack your RING doorbell, who's to say they can't hijack your autopilot.
 

capta

Jun 4, 2009
4,766
Pearson 530 Admiralty Bay, Bequia SVG
As far as I know these folks never get caught. They are working from countries like Russia that won't help the authorities. IMO, if they could catch them, they should re-institute the death penalty for cyber terrorists and criminals. They do way too much damage to just brush off and give them a slap on the wrist.
 
Feb 17, 2006
5,274
Lancer 27PS MCB Camp Pendleton KF6BL
Well, if Garmin was smart (??) they would wipe their hard drives and reinstate the data from a backup. Yeah, they may lose yesterday's data but they will still have the main data available. But knowing Garmin, they do not have a daily backup that is not isolated from their internal network. Most big companies don't because it costs too much.
 

srimes

Jun 9, 2020
211
Macgregor 26D Brookings
The Equifax hack came from China. Russia supports hacking too.

A multi-billion dollar U.S. company I work with got ransomware last year and their systems were down for 3 months. It infected everything and when they tried to restore their data any missed computer would reinfect everything. They went back to operating by phone and fax and paper. It was crazy.

This type of crime is like piracy and will require international governmental response to contain.
 
May 17, 2004
5,028
Beneteau Oceanis 37 Havre de Grace
The attack that happened here is very different from any type of attack that would affect chartplotters and onboard instrumentation networks. What probably happened is that some Garmin employee or contractor was tricked into opening an email with a malicious attachment. The malware in the attachment could start encrypting files on that employee’s computer, then spread across the corporate network if it isn’t well secured. To hack your onboard WiFi someone would likely need to be within WiFi range. They’d need to either know or guess your password, or find some exploit in the WiFi capability. That’s a whole different threat environment from an internet full of people that can send anonymous emails waiting for someone to click.
 
Sep 20, 2006
2,912
Hunter 33 Georgian Bay, Ontario, Canada
I've got WiFi built into my B&G Vulcan 7 Chartplotter. One of the features you can not do from the repeater display is to change the autopilot heading. The wife asked why not? I replied, Imagine going through the south flood gate in New Orleans and someone activating your autopilot.

The last time I was through that gate there was a 180° magnetic deviation in the middle of the gate. :yikes:

I'm not a techno geek but if they can hijack your RING doorbell, who's to say they can't hijack your autopilot.
The RING doorbell, like the home security cameras, is connected to your WIFI. You can connect with your computer or other WIFI device. The problem is when people install them and don't change the default password. They are visible on the internet and hackers cruise around until they find one with the default password still in place. Your autopilot on the boat even though connected to other devices on board on WIFI, you would unlikely have internet connection. Someone would have to be very close to your boat in order to take control.
 
Feb 14, 2014
7,399
Hunter 430 Waveland, MS
How would this happen?
Raymarine creates an internal WiFi network that allows me to use my iPad as a terminal or repeat Nav station.
I cannot change my AutoPilot status remotely, but I can steer the boat on a different course or to a way point.

Hack that WiFi and you have control of my boat internal network.
______
The last time I was through that gate there was a 180° magnetic deviation in the middle of the gate.
I get a big deviation with my flux compass when passing near massive steel objects. Thus I put my AP in standby or I will begin a wild swing.
Jim...
 
Sep 22, 2018
1,869
Hunter 216 Kingston
Hack that WiFi and you have control of my boat internal network.
I suppose that would be possible albeit not very likely. Hacker would need to be in range of your boat, normal Wi-Fi range is about 300ft, long enough to “break” your security and authenticate on your network and take over control of your steering.
If someone is that POed at you they will likely just ram you! :)
 
Apr 16, 2017
841
Federation NCC-1701 Riverside
I don't think most people understand how difficult it is to make a server secure. To observe anything useful on the server it must be made less secure.

If I was a hacker I'd create something that sits tight in the host for weeks, play the long game. Any backup less than a couple weeks old would be compromised.
 