A devastating ransomware attack has hit smartwatch manufacturer Garmin over the past few days, knocking out critical company systems and likely costing millions in damages. Tens of millions of Garmin customers around the world have suddenly found their devices unusable, and the company was forced to close its website, call centers and online services.
Garmin’s systems were compromised by a ransomware attack which encrypted the company’s internal network and production systems, causing widespread outages. It’s been reported that the attack was the work of a Russian cybercriminal gang dubbed ‘Evil Corp’, who reportedly tried to extort Garmin for a ransom of $10 million.
This attack is the latest in a long string of high-profile ransomware cases affecting large enterprises, which also includes foreign currency firm Travelex, which was hit by a ransomware attack with a reported ransom of $3 million. Ransomware however, is a major concern for businesses of all sizes, with recent research finding that 47% of businesses hit by ransomware in the last year were businesses with 100-1000 employees. The research also found that ransomware is becoming more sophisticated, with cyber-criminals putting more time and effort into targeted ransomware attacks.
The recent attack against Garmin highlights this. While much is still unknown about the attack and how it spread, it’s been reported that Garmin was hit by a piece of ransomware known as ‘WastedLocker’. Recently, it was found that ‘Evil Corp’ had compromised US newspaper websites in order to target select visitors with a piece of malicious software. This gave them a backdoor to install ‘WastedLocker’ into the victim’s network. It’s thought that this my have been how Garmin became compromised, as a news website would not have been flagged as suspicious by the company’s security systems.
The increasing sophistication of ransomware attacks, and in particular the example of WastedLocker, highlights the critical business need for internet isolation. Isolation technology isolates all browsing activity away from users’ devices and executes it on a remote server. This server is not connected to the company’s regular IT infrastructure, protecting users from any web-based malware or ransomware. With this technology in place, viruses, malware, malicious downloads, email attachments and unsecure webpages are all executed in isolation, removing any threats from company networks and devices. This helps to prevent the spread of ransomware, and vastly improves security for both large and small enterprises.
“Isolation is a natural evolution in the prevention of attacks across both Web and Email. By simply ensuring no active content can reach the end user, the attacker has no means to exploit a vulnerability on the end users machine and thereafter install their malicious code or application,” Menlo Security EMEA Solutions Architect Brett Raybould told Expert Insights. Menlo Security are one of the world’s leading isolation providers, protecting organizations globally with their isolation core technology.
“Detection based controls are only as good as their signatures, heuristics, behavioural analysis weightings or whichever technique they are relying on to detect malicious code as it’s entering the network or end users machine,” Raybould continues. “Attackers inevitably change their tactics to bypass these controls, leaving organisations at risk. In the case of a successful ransomware attack, this can be very damaging, not only financially but also from a brand perspective,”
Isolation has been described by many as a potential future for endpoint, email and web security technologies. This is because it moves businesses away from attempting to block malware, something that the growing sophistication of ransomware attacks makes increasingly difficult, towards a model of containing attacks. This means that even as attacks become more advanced, they are isolated away from the business network, eliminating the vast majority of cyber-threats.
Despite the increase in sophistication of ransomware attacks and the clear benefits of isolation technology, many businesses are still relying on traditional methods of web and endpoint security to protect themselves from ransomware attacks. However, the example of Garmin demonstrates that businesses will need to implement stronger technologies like isolation to combat the ransomware threat.
Discover the top internet isolation solutions