trener1 wrote:
mickison wrote:
Why do you believe garmin paid off the attackers?There is an article up on Cyclingnews that insinuates that Garmin paid, though it seems based on speculation more then fact
Almost everyone pays. Actually they don't. They hire a cybersecurity firm who pays by proxy so the client can claim they didn't pay off the hackers. The client might carry cybersecurity insurance and that in turns pays back the fee paid to the cybersecurity firm. Absurd, but that's how it typically goes down.
The highly publicized Garmin hack would have a low chance of affecting their user base. Compromised watch firmware would not be of much use without an LTE connection on the watch. Maybe they could have altered the garmin mobile apps? Maybe. But that wasn't the goal. Goal was just holding Garmin's business data for ransom. Not escalating the hack further.
The hacks that are of most concern are stealthy ones. Highly targeted. Hackers infiltrate networks without anyone getting the wiser and remaining on those networks for literally years. The attacks which blow up everything and cause business stoppage those are amateurs or simple ransomware thieves. Ransomware attacks are indiscriminate spray and pray against any vulnerable target they can find.