Ransomware strikes Garmin for $10M

Aug 1, 2011
3,972
Catalina 270 255 Wabamun. Welcome to the marina
I'm not a techno geek but if they can hijack your RING doorbell, who's to say they can't hijack your autopilot.
Mostly because your boat is not connected to the interweb.
 

jviss

.
Feb 5, 2004
6,745
Tartan 3800 20 Westport, MA
Mostly because your boat is not connected to the interweb.
Simrad and Raymarine MFDs can connect to the internet via a Wi-Fi access point or mobile hotspot. This is used for updating firmware, etc.
 

SFS

.
Aug 18, 2015
2,066
Currently Boatless Okinawa
Reading some of the press reports on this event but Garmin hasn’t made a detailed statement so it sure of the “facts” but...

it appears that the source of the ransomware might be an entity that has been “sanctioned” by the USA gov. Assuming that’s factual the company might NOT be able to pay the ransom even if they wanted to.
Crazy world we are in folks! :)
What? Sanctioned as in condoned/protected, or sanctioned as in placed penalties upon? And what is the source of such information? I don't put much stock in "it appears that". Way too much misinformation these days.
 
  • Like
Likes: ggrizzard
Sep 22, 2018
1,869
Hunter 216 Kingston
What? Sanctioned as in condoned/protected, or sanctioned as in placed penalties upon? And what is the source of such information? I don't put much stock in "it appears that". Way too much misinformation these days.
Feel free to investigate. I did NOT attempt to claim that what I read and passed on was “factual” not trying to con anyone!!!!

 
May 17, 2004
5,031
Beneteau Oceanis 37 Havre de Grace
Simrad and Raymarine MFDs can connect to the internet via a Wi-Fi access point or mobile hotspot. This is used for updating firmware, etc.
Even then it’s generally behind a marina’s router that prevents it from being publicly available or addressable. It establishes an outbound connection straight to the vendor and downloads the update file. At least in the case of Simrad (probably Raymarine too but I haven’t checked) there are also integrity checks applied before installing the firmware, so it can’t be tampered with along the way. So the attacking threat is still pretty limited to those in proximity of the WiFi network or with pretty sophisticated skills.
 

ambler

.
Dec 7, 2013
60
catalina 22 11619 Watauga Lake, TN
Garmin is starting to come back. I have a fitness tracker that syncs with laptop software and a smartphone app. The data is then backed up to Garmin. When Garmin went down late last week the wristband stopped communicating with the software or app. In fact the app would start to boot and then crash. Today the laptop software will open and all the old data is intact but won't yet sync with the wristband. The smartphone app will boot but shows a system down message. It appears that they've restore all my old data. Garmin's aviation devices are also affected. A more critical application.
 
Aug 1, 2011
3,972
Catalina 270 255 Wabamun. Welcome to the marina
“Can” connect. Unlike the doorbell that “is” connected. :)
 
Jul 23, 2020
20
Wow, someone screwed up!

It happens.

I assume every electrical device will go out when I'm at sea, and so I don't rely on them. I also don't like subscribing to "services" that require monthly fees. I find that every service some corporation wants you to pay for, you can get yourself for free. I often times can access anything I need on my Ipad, but I always consider this a luxury. I have paper charts for wherever I am, I have multiple compasses, a sextant for emergencies, and I have binoculars and a barometer for avoiding squalls. The low tech method has worked for human beings for thousands of years, and it has worked for me (with the added benefit of no monthly fees, or having to worry about this or that getting hacked or hijacked).

*This is just my opinion and what works for me, but I understand people who rely on these services--and I'm not denigrating anyone who chooses to do things high tech. It's certainly more convenient.
 
Apr 8, 2011
768
Hunter 40 Deale, MD
The RING doorbell, like the home security coameras, are connected to your WIFI. You can connect with your computer or other WIFI device. The problem is when people install them and don't change the default password. They are visible on the internet and hackers cruise around until they find one with the default password still in place. Your autopilot on the boat even though connected to other devices on board on WIFI, you would unlikely have internet connection. Someone would have to be very close to your boat in order to take control.
+1 on this. Yesterday I was in a marina next to another transient in a beautiful Catalina 445. Nice live aboard couple. I went to my VictronConnect app to check my solar output and without realizing it I clicked on his solar charger and it logged me right in - default password. I could see and control everything in there. If I wanted to be malicious I could’ve shut off the panel voltage, or worse, changed the charging profile to their batteries and damaged or destroyed them. How about making the solar panel think it was charging a 24 volt system? Changing bulk, float and absorption voltages? Yikes!!!
 

Attachments

May 27, 2004
1,964
Hunter 30_74-83 Ponce Inlet FL
tfox,
So you inadvertently (sic) logged into another boats signal using the "default password"?
At what point did you realize you were in someone else's network, when you used the password?
And what is a "default password"?
I'd like to check to make sure I don't have any enabled.
 
Aug 1, 2011
3,972
Catalina 270 255 Wabamun. Welcome to the marina
tfox,
So you inadvertently (sic) logged into another boats signal using the "default password"?
At what point did you realize you were in someone else's network, when you used the password?
And what is a "default password"?
I'd like to check to make sure I don't have any enabled.
Signal being inferred as “logging onto their” wifi, and then scanning the network, and then finding the device and using the broadcast ip address, and the associated name, knowing what it is snd hopping into it with the default password?
did we miss sonething @tfox2069 ?
 

Lazy1

.
Aug 23, 2019
173
Catalina 22 13425 A driveway in Pittsburgh
Huh?
Bluetooth has nothing to do with wifi, network scanning, finding, broadcast... except the bluetooth broadcasts itself to anything that is listening within 20-30 feet.
Now I would expect it to prompt you for even the default passpin even though it is displayed in the app

Maybe I am misinterpreting previous posts, that happens a lot.
 
Last edited:
  • Like
Likes: tfox2069
Apr 8, 2011
768
Hunter 40 Deale, MD
Signal being inferred as “logging onto their” wifi, and then scanning the network, and then finding the device and using the broadcast ip address, and the associated name, knowing what it is snd hopping into it with the default password?
did we miss sonething @tfox2069 ?
My devices used the default pin as well - I hadn’t changed it, so clicking on the other boat’s device, with a very similar default name, automatically logged me in with the default pin - no prompting to enter a pin. Lazy1 has it right, I didn’t log into anyone’s wi-fi - these are Bluetooth devices, so they appear in the VictronConnect software when you open it, without you logging into anything. I’ve since changed my default pins and device names as a result of realizing how easy it was to do this accidentally. I can also now clearly see which devices are associated with my boat instead of the confusingly similar default names.
 
Last edited:
Oct 1, 2007
1,856
Boston Whaler Super Sport Pt. Judith
Even then it’s generally behind a marina’s router that prevents it from being publicly available or addressable. It establishes an outbound connection straight to the vendor and downloads the update file. At least in the case of Simrad (probably Raymarine too but I haven’t checked) there are also integrity checks applied before installing the firmware, so it can’t be tampered with along the way. So the attacking threat is still pretty limited to those in proximity of the WiFi network or with pretty sophisticated skills.
Are you saying that a shipboard device like Simrad can connect to home base using an available marina wi fi connection which is secure, requiring a password? I also use a device that connects to the cell phone network for web access when we are aboard and away from the marina. Is that device usable by other devices nearby although it is secure?
 
May 17, 2004
5,031
Beneteau Oceanis 37 Havre de Grace
Are you saying that a shipboard device like Simrad can connect to home base using an available marina wi fi connection which is secure, requiring a password?
The devices can be configured by the user to connect to secured or open WiFi networks. They won’t just do it automatically- the WiFi network has to be selected from the device, and the password entered of there is one.

I also use a device that connects to the cell phone network for web access when we are aboard and away from the marina. Is that device usable by other devices nearby although it is secure?
The network you’re creating will only be usable if you provide the password and it’s entered into the clients.
 
  • Like
Likes: Rick486
Oct 1, 2007
1,856
Boston Whaler Super Sport Pt. Judith
The devices can be configured by the user to connect to secured or open WiFi networks. They won’t just do it automatically- the WiFi network has to be selected from the device, and the password entered of there is one.


The network you’re creating will only be usable if you provide the password and it’s entered into the clients.
Thank you for clarifying.
 
Apr 8, 2011
768
Hunter 40 Deale, MD
LOL! Nothing inadvertent about getting beyond ”seeing” that network :twisted:
As soon as I clicked on the panel history I realized I wasn’t in my device - he clearly had much more solar than I do - but that was the first indicator something was amiss.
Anyway, I’m done defending myself. I hope someone finds my honest mistake helpful - I know I changed some things as a result which will keep people from accidentally or on purpose gaining access to my devices, and prevent me from inadvertently clicking on someone else’s device.

Have fun out there.
 
Sep 22, 2018
1,869
Hunter 216 Kingston
It seems to be increasingly difficult to “protect” your business and/or home from intrusion.

Some of this is because of the “connected home” trend where manufactures are implementing wifi in their products. I have a bunch of items that I could connect to my home router if I choose to but why on earth would I want to “remotely” check the status of my dishwasher or have it “notify” me that it was finished??? :)

Take that trendy thinking into a business environment (especially if you have an executive that has all of their appliances on line) and you have a LOT of exposure.

The “professional” hackers likely have equivalent experience to the average IT pro especially in smaller companies so they know where the exploits are and take advantage. The IT pro can’t completely close all of the gaps or the systems don’t work.

Many companies don’t maintain or even have a disaster - business recovery plan

Very challenging to find the right balance between paranoia and openness. :)
 

RoyS

.
Jun 3, 2012
1,739
Hunter 33 Steamboat Wharf, Hull, MA
How about all the people who use those talk to devices in their homes? e.g. "Alexa, how much is 25 x 4?" My grandchildren use these things in that exact manner because not only have they not learned simple math, they are now too lazy to pick up their calculator. One of them never learned cursive writing so his signature on a graduation gift check was his name, printed. Security there? Soon they will be running the engine of the world. We are all doomed.
 
  • Like
Likes: ggrizzard