Security News > 2020 > August > Garmin Pays Up to Evil Corp After Ransomware Attack — Reports
Garmin, the GPS and aviation tech specialist, reportedly negotiated with Evil Corp for an decryption key to unlock its files in the wake of a WastedLocker ransomware attack.
Sources reportedly shared photos with BleepingComputer of a Garmin computer with encrypted files with the.
Sky News meanwhile reported that the device-maker paid the ransom to Evil Corp, the gang behind the ransomware, via a ransomware-negotiation business called Arete IR. If Garmin did indeed pay the ransom, the company could be in hot water from a legal perspective.
The U.S. Treasury Department in December issued sanctions against Evil Corp, which state that "U.S. persons are generally prohibited from engaging in transactions" with Evil Corp or any of its individual members.
"It's crucial within an organization's cybersecurity program to have a backup policy. This policy needs to include the planning and testing of backups regularly to determine their integrity. If the backup restoration process fails, it can mean additional risk to the organization's revenue and reputation due to the downtime. Backups are just one part of a ransomware mitigation plan. Examining the root cause of most ransomware attacks is determined either to be a phishing attack or through vulnerable and unpatched systems."
News URL
https://threatpost.com/garmin-pays-evil-corp-ransomware-attack-reports/157971/
Related news
- Six ransomware gangs behind over 50% of 2024 attacks (source)
- DDoS Attacks Surge 46% in First Half of 2024, Gcore Report Reveals (source)
- CISA warns of Jenkins RCE bug exploited in ransomware attacks (source)
- CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks (source)
- Most Ransomware Attacks Occur When Security Staff Are Asleep, Study Finds (source)
- Most ransomware attacks occur between 1 a.m. and 5 a.m. (source)
- New Qilin Ransomware Attack Uses VPN Credentials, Steals Chrome Data (source)
- Lateral movement: Clearest sign of unfolding ransomware attack (source)
- BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave (source)
- U.S. Agencies Warn of Iranian Hacking Group's Ongoing Ransomware Attacks (source)