Garmin Hack

Message
Author
User avatar
TheGreenGoblin
Chief Pilot
Chief Pilot
Posts: 17596
Joined: Thu Aug 08, 2019 11:02 pm
Location: With the Water People near Trappist-1

Garmin Hack

#1 Post by TheGreenGoblin » Mon Jul 27, 2020 5:45 am

Tens of millions of people around the world have found their Garmin devices, including those used by runners, cyclists and pilots, down for fifth day after being hacked by Russian group Evil Corps who are demanding a $10m ransom to restore their operation.

Garmin has been ordered to pay the ransom by the cybercriminal group headed by a 33-year-old Russian playboy hacker, Maksim Yakubets, who drives a customized $250,000 Lamborghini.

In December 2019, the FBI placed a $5 million bounty on Yakubets head leading for information to his capture. It is the largest reward being offered for an alleged criminal connected to cybercrime.

Yakubets' latest target is Garmin who have still offered no explanation for their outage, but security analysts said the reason is likely ransomware, a technique used by hackers to encrypt data and extort funds.

Garmin issue
Pilots using the flyGarmin app may be forced to ground their aircraft after a suspected ransomware attack against the smart device maker appeared to take out key services.

As of Thursday evening EDT, flight plan filing, account syncing and database concierge capabilities were down in the Garmin Pilot app, according to a service outage update from Garmin. Data from the on-board Central Maintenance Computer (CMC) was also unavailable.

“We are currently experiencing an outage that affects flyGarmin and as a result, the flyGarmin website and mobile app are down at this time,” it noted. “This outage also affects our call centers, and we are currently unavailable to receive any emails or chats, but do have limited availability for calls. We are working to resolve this issue as quickly as possible and apologize for this inconvenience.”

The outage seems to have affected the entire firm, which also produces fitness trackers, smart watches and other wearables.

It said the Garmin Connect website and mobile app are also down.
https://www.infosecurity-magazine.com/n ... ld-ground/
Though you remain
Convinced
"To be alive
You must have somewhere
To go
Your destination remains
Elusive."

User avatar
TheGreenGoblin
Chief Pilot
Chief Pilot
Posts: 17596
Joined: Thu Aug 08, 2019 11:02 pm
Location: With the Water People near Trappist-1

Re: Garmin Hack

#2 Post by TheGreenGoblin » Mon Jul 27, 2020 5:49 am

The US military may also be indirectly affected...

https://theaviationist.com/2020/07/25/g ... re-attack/

For private pilots and some commercial operators, who use the ADS-B function of their Garmin GPS (including installed Garmin avionics), the implications of this hack are serious as procedure updates are not available at the moment.
Garmin aviation and navigation watches, from onboard computers to wristtop computers sold around the world, are used by military pilots in the U.S., Russia and many other countries and even by U.S. U-2 surveillance pilots. On March 13, 2020 GPSWorld.com reported that, “The U.S. Air Force is expected to take delivery of more than 100 D2 Charlie aviator watches for the specialized pilot group that flies the Lockheed U-2 aircraft.”

In February, 2018, a U.S. Navy flight crew over the northeastern U.S. was able to navigate and land their EA-18G Growler using a Garmin wristtop computer: the aircraft suffered a catastrophic failure of its environmental control system at 25,000 feet. It was en route from Naval Air Station Whidbey Island to Naval Weapons Station China Lake when the failure occurred. Within minutes, the temperature in the cockpit dropped to well below zero degrees Fahrenheit. Condensation formed, then froze in a thick layer inside the cockpit, obscuring the two-person crew’s view outside of the aircraft. The ice build-up quickly covered vital flight control instruments, making instrument flying nearly impossible as the crew began to suffer the first symptoms of hypothermia. But in the end, the pilot and electronic warfare officer used a Garmin watch to keep track of their heading and altitude while air controllers began relaying instructions to the crew.

Beginning in 2017 the Navy started issuing Garmin GPS smart watches to pilots of the F/A-18 Hornet, E/A-18G Growler and T-45 Goshawk. The first round of watches issued was the Garmin Fenix 3, a watch originally intended for endurance athletes like triathletes, off-road cyclists, adventure racers and distance runners. Since aviators began using Garmin “wrist top computer” GPS-equipped smart watches, the company has introduced several new, aviation specific watches called the Garmin D2 Bravo Pilot, the D2 Charlie, D2 Delta PX and flagship Garmin MARQ series, which includes the MARQ Commander and Aviator, models that actually “Check with Pulse Ox³ to gain awareness of how well your body’s oxygen levels are adjusting to the thinner air at higher altitudes.”
Though you remain
Convinced
"To be alive
You must have somewhere
To go
Your destination remains
Elusive."

User avatar
boing
Chief Pilot
Chief Pilot
Posts: 2714
Joined: Thu Aug 27, 2015 6:32 am
Location: Beautful Oregon USA
Gender:
Age: 77

Re: Garmin Hack

#3 Post by boing » Mon Jul 27, 2020 2:48 pm

What a load of advertising BS. Where did you find that GG, the Daily Fail?

And if a military aircrew persisted in flying around in an iced up aircraft, under ATC, rather than just descending to where the ice would disperse they need to be taken aside for a little education. They were only at 25,000 feet but hung around for minutes, "within minutes", watching the ice build up! They couldn't scrape the ice off the instruments?

" which includes the MARQ Commander and Aviator, models that actually “Check with Pulse Ox³ to gain awareness of how well your body’s oxygen levels are adjusting to the thinner air at higher altitudes.” Ohh pleez !

.
the dreamers of the day are dangerous men, for they may act on their dreams with open eyes, to make them possible.

User avatar
TheGreenGoblin
Chief Pilot
Chief Pilot
Posts: 17596
Joined: Thu Aug 08, 2019 11:02 pm
Location: With the Water People near Trappist-1

Re: Garmin Hack

#4 Post by TheGreenGoblin » Mon Jul 27, 2020 3:50 pm

boing wrote:
Mon Jul 27, 2020 2:48 pm
What a load of advertising BS. Where did you find that GG, the Daily Fail?

And if a military aircrew persisted in flying around in an iced up aircraft, under ATC, rather than just descending to where the ice would disperse they need to be taken aside for a little education. They were only at 25,000 feet but hung around for minutes, "within minutes", watching the ice build up! They couldn't scrape the ice off the instruments?

" which includes the MARQ Commander and Aviator, models that actually “Check with Pulse Ox³ to gain awareness of how well your body’s oxygen levels are adjusting to the thinner air at higher altitudes.” Ohh pleez !

.
Well at least some folks read the links ... ;)))

But whatever the guff factor involved in these watches or mobiles and the various claims made by the manufacturers of the many apps associated with them etc. I can confirm that as of yesterday I was unable to check for GPS updates to my Garmin GPS due to this hack.

My watch tells me the time and that's all. What the fighter jocks do or don't do with their big watches is their business... :p :)

The USAF definitely did equip their pilots with the Garmin equipped watch... https://www.garmin.com/en-US/blog/aviat ... tor-watch/

And the Growler icing event did occur... https://www.defensenews.com/breaking-ne ... er-flight/
The temperature inside the cockpit suddenly plunged to temperatures reaching -30 degrees and a mist pumped into the cockpit, covering the instruments and windows in a layer of ice, rendering the pilots almost completely blind, according to several sources familiar with the incident and an internal report obtained by Defense News.

The fog inside the aircraft iced over the instrument panel, forcing the pilot and electronic warfare officer to use a Garmin watch to keep track of their heading and altitude while air controllers began relaying instructions to the crew. The pilot and EWO were forced to use the emergency oxygen supply, which was completely depleted by the end of the flight.

A heroic effort by the two-person crew and the ground-based controllers managed to guide the aircraft back to Whidbey Island, but both pilot and EWO suffered serious injuries due to frostbite. The aircrew suffered from “severe blistering and burns on hands,” according to the Navy internal report.

In a statement, Naval Air Forces spokesman Cmdr. Ron Flanders confirmed the incident and that the Navy was trying to determine the cause of the incident.

“The aircrew was treated upon landing; one of the aircrew is already back in a flight status; the other is not yet back in a flight status but is expected to make a complete recovery,”

“The mishap is under investigation; I cannot comment further. Once the investigation is complete, the Navy will determine which further actions are necessary.”
Though you remain
Convinced
"To be alive
You must have somewhere
To go
Your destination remains
Elusive."

Pontius Navigator
Chief Pilot
Chief Pilot
Posts: 14669
Joined: Fri Jul 07, 2017 8:17 am
Location: Gravity be the clue
Gender:
Age: 80

Re: Garmin Hack

#5 Post by Pontius Navigator » Mon Jul 27, 2020 4:10 pm

Since I bought my car with built on Satnav my Garmin has been sitting in a drawer. I got it out out of curiosity. Flat battery so I put it on charge. It goes to Garmin Express screen. If I unplug from power it just switches off.

Odd.

Garmin Express has an update but won't..

User avatar
TheGreenGoblin
Chief Pilot
Chief Pilot
Posts: 17596
Joined: Thu Aug 08, 2019 11:02 pm
Location: With the Water People near Trappist-1

Re: Garmin Hack

#6 Post by TheGreenGoblin » Mon Jul 27, 2020 4:13 pm

Pontius Navigator wrote:
Mon Jul 27, 2020 4:10 pm
Since I bought my car with built on Satnav my Garmin has been sitting in a drawer. I got it out out of curiosity. Flat battery so I put it on charge. It goes to Garmin Express screen. If I unplug from power it just switches off.

Odd.

Garmin Express has an update but won't..
I haven't tried today but your experience mirrors mine with the Garmin AERA 660 Aviation. Wouldn't update.

Do you notice how boing is attempting to pooh-pooh this issue. Is he? Could he be Dr Evil? :p =))

Just kidding boing. I shouldn't have quoted the Mail which generally is full of drivel. I undermined my own serious point about a potentially severe aviation issue.
Though you remain
Convinced
"To be alive
You must have somewhere
To go
Your destination remains
Elusive."

Pontius Navigator
Chief Pilot
Chief Pilot
Posts: 14669
Joined: Fri Jul 07, 2017 8:17 am
Location: Gravity be the clue
Gender:
Age: 80

Re: Garmin Hack

#7 Post by Pontius Navigator » Mon Jul 27, 2020 4:32 pm

TGG, I think my battery might be gerfuked.

User avatar
TheGreenGoblin
Chief Pilot
Chief Pilot
Posts: 17596
Joined: Thu Aug 08, 2019 11:02 pm
Location: With the Water People near Trappist-1

Re: Garmin Hack

#8 Post by TheGreenGoblin » Mon Jul 27, 2020 4:37 pm

Pontius Navigator wrote:
Mon Jul 27, 2020 4:32 pm
TGG, I think my battery might be gerfuked.
It definitely sounds like it is dead. Nothing to do with the hack I am sure...

Out of interest I tried connecting again right now and am now getting a connection to the update server.
Though you remain
Convinced
"To be alive
You must have somewhere
To go
Your destination remains
Elusive."

User avatar
ian16th
Chief Pilot
Chief Pilot
Posts: 10029
Joined: Fri Aug 28, 2015 9:35 am
Location: KZN South Coast with the bananas
Gender:
Age: 87

Re: Garmin Hack

#9 Post by ian16th » Mon Jul 27, 2020 4:50 pm

I have an antique TomTom, the battery went phut yonks ago. It stays plugged in the cigar lighter.

The really good news is that I haven;t needed it for anything serious for a few years, as TomTom have exited SA!
Cynicism improves with age

User avatar
TheGreenGoblin
Chief Pilot
Chief Pilot
Posts: 17596
Joined: Thu Aug 08, 2019 11:02 pm
Location: With the Water People near Trappist-1

Re: Garmin Hack

#10 Post by TheGreenGoblin » Mon Jul 27, 2020 5:21 pm

TheGreenGoblin wrote:
Mon Jul 27, 2020 4:37 pm
Pontius Navigator wrote:
Mon Jul 27, 2020 4:32 pm
TGG, I think my battery might be gerfuked.
It definitely sounds like it is dead. Nothing to do with the hack I am sure...

Out of interest I tried connecting again right now and am now getting a connection to the update server.
https://www.bbc.com/news/technology-53553576
The American GPS and fitness-tracker company Garmin is dealing with the aftermath of a ransomware attack, the BBC has confirmed.

Owners of its products had been unable to use its services since Thursday.

However, some of its online tools are now being provided in a "limited" state, according to its online dashboard.

Garmin has confirmed it was "the victim of a cyber-attack that encrypted some of our systems".

But its statement avoided any specific mention of the ransom demand.

"Many of our online services were interrupted including website functions, customer support, customer-facing applications, and company communications," it said.

"We have no indication that any customer data, including payment information from Garmin Pay, was accessed, lost or stolen."

The firm added that it expected all its systems to return to normal operation within a few days, but warned that there might be a "backlog" of user data to process.

It is not known if the firm paid the blackmailers, but a source told the BBC it was in the "final stage of recovery".

The BBC's cyber reporter Joe Tidy said the malware involved was Wasted Locker - a program that scrambles the target's data, and was first detected in the wild around April. Victims are typically contacted after their computers are infected, and told they must transfer funds if they want to return the files to their original state.

Some customers have already reported that Garmin's services appear to be "partially" working again.

Earlier reports claimed that the company had been asked to pay $10m (£7.79m) to get its systems back online.

Pilots who use flyGarmin were unable to download up-to-date aviation databases, which aviation regulators such as the FAA require pilots to have, before they can fly.

Customers were also unable to log into Garmin Connect to record and analyse their health and fitness data.
Though you remain
Convinced
"To be alive
You must have somewhere
To go
Your destination remains
Elusive."

User avatar
boing
Chief Pilot
Chief Pilot
Posts: 2714
Joined: Thu Aug 27, 2015 6:32 am
Location: Beautful Oregon USA
Gender:
Age: 77

Re: Garmin Hack

#11 Post by boing » Mon Jul 27, 2020 7:55 pm

GG,

OK GG, disregard but here is what I wrote.

"The temperature inside the cockpit suddenly plunged to temperatures reaching -30 degrees and a mist pumped into the cockpit, covering the instruments and windows in a layer of ice, rendering the pilots almost completely blind, according to several sources familiar with the incident and an internal report obtained by Defense News."

No, the pilots were not almost completely blind, they could see fine it is just that, apparently, they could not see their instruments or outside of the canopy.

Now, is the article saying an air conditioning malfunction forced the temperature down to -30F (or C, pretty close value) or is it saying that the aircraft lost heating capability because the OAT at 25,000 feet is coincidentally -30F and that would account for the eventual temperature change but only if the crew did nothing about it such as, obviously, descending. If a simple heat failure occurred the crew had tons of time to fly out of the problem. I do not see anywhere that the flight control systems or the instrumentation was effected other than an apparent covering of ice.

I do not think that aircraft air conditioning systems are designed with the capability to cool cockpit air down to -30 what would be the point? To me the only sensible explanation is that the aircraft suffered a total air conditioning failure, perhaps with depressurisation, and the crew for some, perhaps justified, reason decided to remain at 25,000 feet where the temperature in the aircraft, after a time, would get cold and internal icing would occur..

In the unpressurized Jet Provost we climbed up to 25,000 feet for one demonstration, climbing to that altitude in an under-powered aircraft takes far, far, longer than descending. Yes, you collected ice inside the canopy but it never prevented visual clues being available and I never saw ice on the instruments.In fact, most instruments create heat which would tends to prevent icing. 100% oxygen worked fine at that altitude also and we didn't need a fancy watch to tell us if we were feeling groggy.

The incident obviously occurred but I think we are missing the details to assess it fully.

.
the dreamers of the day are dangerous men, for they may act on their dreams with open eyes, to make them possible.

Pontius Navigator
Chief Pilot
Chief Pilot
Posts: 14669
Joined: Fri Jul 07, 2017 8:17 am
Location: Gravity be the clue
Gender:
Age: 80

Re: Garmin Hack

#12 Post by Pontius Navigator » Mon Jul 27, 2020 7:59 pm

TGG, I connected to the server too, there is a map update. I started the update twice and it failed each time. Usual problem, my Satnav, my computer, their server. No rush as I probably won't use it in the car.

User avatar
Undried Plum
Chief Pilot
Chief Pilot
Posts: 7308
Joined: Sun Jul 22, 2018 8:45 pm
Location: 56°N 4°W

Re: Garmin Hack

#13 Post by Undried Plum » Mon Jul 27, 2020 9:29 pm

The transport secretary is leaving a family holiday in Spain early to return to the UK, after quarantine restrictions came into force.
Grant Shapps said he would come home on Wednesday so he can "get through quarantine" as quickly as possible and return to work.
He added he wanted to help the government "handle the situation".
He flew out on Saturday morning aware that the 14-day quarantine rule could be imposed on Sunday.

G-CPTN
Chief Pilot
Chief Pilot
Posts: 7596
Joined: Sun Aug 05, 2018 11:22 pm
Location: Tynedale
Gender:
Age: 79

Re: Garmin Hack

#14 Post by G-CPTN » Mon Jul 27, 2020 9:33 pm

Undried Plum wrote:
Mon Jul 27, 2020 9:29 pm
He flew out on Saturday morning aware that the 14-day quarantine rule could be imposed on Sunday.
Was he allowed to share that information with the rest of his party? - or would that amount to 'insider trading'?

User avatar
ian16th
Chief Pilot
Chief Pilot
Posts: 10029
Joined: Fri Aug 28, 2015 9:35 am
Location: KZN South Coast with the bananas
Gender:
Age: 87

Re: Garmin Hack

#15 Post by ian16th » Tue Jul 28, 2020 7:50 am

Undried Plum wrote:
Mon Jul 27, 2020 9:29 pm
The transport secretary is leaving a family holiday in Spain early to return to the UK, after quarantine restrictions came into force.
Grant Shapps said he would come home on Wednesday so he can "get through quarantine" as quickly as possible and return to work.
He added he wanted to help the government "handle the situation".
He flew out on Saturday morning aware that the 14-day quarantine rule could be imposed on Sunday.
Starting his quarantine earlier will not get him out of it any quicker.

But he will get out sooner,.
Cynicism improves with age

Pontius Navigator
Chief Pilot
Chief Pilot
Posts: 14669
Joined: Fri Jul 07, 2017 8:17 am
Location: Gravity be the clue
Gender:
Age: 80

Re: Garmin Hack

#16 Post by Pontius Navigator » Tue Jul 28, 2020 8:03 am

That is some topic swerve. Did he actually mean to fly to Scotland but Garmin diverted the plane to Spain?

User avatar
TheGreenGoblin
Chief Pilot
Chief Pilot
Posts: 17596
Joined: Thu Aug 08, 2019 11:02 pm
Location: With the Water People near Trappist-1

Re: Garmin Hack

#17 Post by TheGreenGoblin » Tue Jul 28, 2020 9:28 am

Pontius Navigator wrote:
Tue Jul 28, 2020 8:03 am
That is some topic swerve. Did he actually mean to fly to Scotland but Garmin diverted the plane to Spain?
It was all the dark work of Evil Corp! =))

https://www.theguardian.com/technology/ ... -evil-corp
Though you remain
Convinced
"To be alive
You must have somewhere
To go
Your destination remains
Elusive."

User avatar
Undried Plum
Chief Pilot
Chief Pilot
Posts: 7308
Joined: Sun Jul 22, 2018 8:45 pm
Location: 56°N 4°W

Re: Garmin Hack

#18 Post by Undried Plum » Tue Jul 28, 2020 12:46 pm

Pontius Navigator wrote:
Tue Jul 28, 2020 8:03 am
That is some topic swerve. Did he actually mean to fly to Scotland but Garmin diverted the plane to Spain?
That was a whoopsie. :ymblushing: Posted on the wrong thread

User avatar
Undried Plum
Chief Pilot
Chief Pilot
Posts: 7308
Joined: Sun Jul 22, 2018 8:45 pm
Location: 56°N 4°W

Re: Garmin Hack

#19 Post by Undried Plum » Tue Jul 28, 2020 12:47 pm

The hack is actually a potential safety hazard as G1000 and G3000 nav database updates are also affected.

User avatar
Undried Plum
Chief Pilot
Chief Pilot
Posts: 7308
Joined: Sun Jul 22, 2018 8:45 pm
Location: 56°N 4°W

Re: Garmin Hack

#20 Post by Undried Plum » Tue Jul 28, 2020 12:52 pm

ian16th wrote:
Tue Jul 28, 2020 7:50 am
Starting his quarantine earlier will not get him out of it any quicker.

But he will get out sooner,.
He'll change the rules to suit himself. Mebbe cut the days from 14 to 10, or somesuch ruse.

Post Reply