News

Garmin Online Services Reportedly Hit With Ransomware Attack in demand for $10 Million

Oliver Smith
July 27, 2020
2 minutes read
454

Ransomware attacks are on the rise, and Garmin is the latest big name to take a hit.

A hacker group called Evil Corp demanded $10m from the GPS giant in the latest high-profile ransomware attack. The feds have been chasing Evil Corp for months.

Garmin said Garmin Connect, garmin.com, and even its call centers were hit.

We are currently experiencing an outage that affects Garmin Connect, and as a result, the Garmin Connect website and mobile app are down at this time. (1/2)

— Garmin (@Garmin) July 23, 2020

An ongoing global outage at sport and fitness tech giant Garmin was caused by a ransomware attack, according to two sources with direct knowledge of the incident.

The incident began late Wednesday and continued through the weekend, causing disruption to the company’s online services for millions of users.

In a brief update on Saturday, Garmin said it had “no indication that this outage has affected your data, including activity, payment or other personal information.”

The two sources told TechCrunch that Garmin was trying to bring its network back online after the ransomware attack. One of the sources confirmed that the WastedLocker ransomware was to blame for the outage.

Ransomware attacks have occurred with increasing regularity in the last several years. After gaining access to a computer system through a vulnerability or social engineering, ransomware attackers encrypt important files. They demand heavy payment to provide the decryption key.

Disclaimer: No warranty is herein provided that the information contained in this document is accurate, up-to-date, and/or complete. In no circumstance(s), does such information constitute legal or any other advice. Any person who intends to use, rely, pass-on, or re-publish the information contained herein in any way is solely responsible for the same. We suggest to verify the information and/or obtain expert advice independently if required.

Latest News

News
Legal Challenges Against TikTok for Breaching Child Privacy Policy
TikTok, the most trending social media application in the present times is facing legal actions for violating the UK’s child protection policies. They have been sued by a 12-year old girl from the UK. The girl, whose identity remains anonymous, has been given Anee Longfeild’s support, who is England’s commissioner for child protection. According to the commissioner, the app violates the UK and EU laws.

The girl has been granted anonymity by the court to avoid cyberbullying by the influencers or users of the app. BBC reports that it is hoped the case will be taken to the court which will result in improved data privacy policies of the minor by the app. The case will require the deleting of the application’s data of the minors.

TikTok collects data for the purpose of advertisement. However, the majority of the user base of the app is of teenagers. According to a report by The New York Times, one-third of the TikTok users are 14-year-old minors. This is not the first time the app has been penalized for violating data protection policy. In 2019, FTC fined $5.7 million for violating the privacy laws of the USA regarding minor protection. After this lawsuit, the app was forced to take down the videos of children under the age of 13. A separate section was created for the use of minors only.

TikTok has been under strict scrutiny by the US and a ban has been proposed by the presidential body which is yet to materialize. TikTok’s privacy policy states that they only ask for limited information like name, username, password, and birthday. However, the rest of the data can be collected from the device including the IP address, country-level location, ID, and app activity etc.

The app’s privacy policy has changed in January 2020 which states in detail how the user data will be shared. Enza Iannopollo, privacy analyst at Forrester said, “When you have a child accessing a digital tool, there are unique concerns for the data to be actually stored and tracked, different regions might define children’s age differently. Some countries will say 16, others will say 13.”

She also added that whatever the age of the child is, parental or guardian consent must be required to use the application.

Recent Posts

Blog
Multi-Tier Security - Another Line of Defense Against Bank Account Scammers
The banking sector has been witnessing a significant rise in criminal activities is a major concern of security authorities these days. The latest reports revealed that banks have been violating KYC and AML regulations and there were skyrocketing penalties in 2020. Protecting banks and customers is necessary and identity verification is one of the best ways of doing so. However, conventional methods like manual document verification do not suffice for the needs. There must be more robust and automated systems like digital identity verification and video KYC that can enhance the efficiency of the process.

A single line of defence does not work when it comes to technologically advanced fraudsters. There must be layers of security to filter them no matter how hard they try to surpass ID checks. Hence, multi-tier security is what the banking sector needs. Multiple layers of security checks and identity verification methodologies will make it impossible for fraudsters to enter banks.

What is Multi-Tier Security?

Multi-tier security refers to multiple layers of identity verification to enhance security in organisations. Fraudsters are developing sophisticated ways of fulfilling their malicious intent and a single layer of security cannot help companies. Therefore, there must be multiple layers of ID verification that can prevent fraudsters from entering the business.
A Summary of Bank Scams and Frauds

Over time, many different types of frauds and scams have struck the banking industry. Due to advanced technology, not only banks are streamlining their processes, but criminals have also figured out techniques to execute their plans. Many new breeds of scams have surprised organisations, especially banks. Let’s take a look at some of the fraudulent activities.

Account Takeover Fraud

Account takeover (ATO) refers to the fraud in which criminals get illegal access to bank accounts and use them for illicit activities like money laundering and chargebacks. As technology advances, fraudsters have also become sophisticated in committing account takeover fraud. There was a 43 per cent increase in account takeover fraud during the global lockdown in 2020. The numbers are expected to increase this year as well due to rapid digitisation.

New Account Fraud

A new breed of frauds struck the world a few years ago by the name new account fraud. With time, the rate of this fraud has increased and defeated all other kinds of scams. For a new account fraud, fraudsters use stolen, forged, or synthetic identities to open a new bank account, get a new credit/debit card, or loan money from the bank. According to Javelin Strategy, 3.2 million customers were affected by this fraud alone in 2018.

Identity Theft

Identity theft has been a threat to businesses for a very long time. The numbers are continuously increasing and banks are the primary target. Unfortunately, identity theft has taken various forms as well, including child identity theft, medical identity theft, and social identity theft. This enables criminals in making purchases, opening new bank accounts, and enjoying numerous other benefits with false names.

Data Breach

Data breach is a social engineering technique that fraudsters use to acquire customer information. The stolen data is later used for bank account scams, identity theft, and numerous other illegal activities. The identities stolen from a data breach are also used for new account fraud. Around 8,000 data breaches were reported in 2019. In the first half of 2020, 540 data breaches were reported only in the United States according to Statista.

Biometric Authentication – The Additional Security Layer

Biometric authentication is the additional layer of security that not only enhances the level of security, but it is also a rigid measure that fraudsters cannot dodge. Fooling biometrics is not a piece of cake for criminals because biometric authentication requires the live presence of the individual for identity verification. Voice, face, palm, iris, pupil, and retina are some of the biometric traits of an individual that are required for biometric verification.

Biometric verification employs various artificial intelligence models and the following techniques are used for authentication:

3D depth analysis

Micro-expression analysis

Skin texture analysis

Liveness detection

All these techniques ensure the live presence of individuals and any spoof attacks or deepfakes can be identified within seconds.

How will Multi-Tier Security Help Your Bank?

Digital identity verification is a multi-tier security measure that your bank needs. This system has multiple methods of verifying identities that prevent fraudsters from entering the business. Here is how the process of multi-tier security works:

First, the individual has to register on your bank’s website for the identity verification process

Along with the registration details, government-issued ID documents are also submitted

Then, the information submitted is verified with the government-issued ID document

Once the documents are verified, biometric authentication comes in action and face verification checks are performed

Customers have to submit their selfie or video during verification which is matched with the image on the ID document

Lastly, consent verification checks are also performed in which the customer has to submit a handwritten or typed consent note

Conclusion

All in all, verifying identities with the manual method is not an adequate option in the digital world. Digital identity verification is an automated process of verifying identities with layers of security to increase the efficacy of the process. One of the strongest layers in this method is biometric authentication that ensures the live presence of the customer for verification. Fraudsters cannot bypass these checks through any of their techniques. Due to the robustness of this technique, bank account scammers fear from the additional layers of security to verify identities and transactions. Identity theft, account takeover fraud, new account fraud, and data breaches are some of the criminal activities that have increased over time. Now, banks need a multi-tier security system to ensure the security of the customers as well as the organisation.

Get in touch with our experts and learn more about the digital ID verification system and biometric authentication.

Talk to us

Garmin Online Services Reportedly Hit With Ransomware Attack in demand for $10 Million

A Summary of Bank Scams and Frauds

Account Takeover Fraud

New Account Fraud

Identity Theft

Data Breach

Biometric Authentication – The Additional Security Layer

How will Multi-Tier Security Help Your Bank?

Conclusion

Let’s prove your

customer’s identity

with Shuftipro.

Let’s prove your customer’s

identity with Shuftipro.

Sweden

Cyprus

United Kingdom

Dubai

Бесплатный 15-дневный
тестовый доступ

Garmin Online Services Reportedly Hit With Ransomware Attack in demand for $10 Million

What is Multi-Tier Security?

A Summary of Bank Scams and Frauds

Account Takeover Fraud

New Account Fraud

Identity Theft

Data Breach

Biometric Authentication – The Additional Security Layer

How will Multi-Tier Security Help Your Bank?

Conclusion

Let’s prove your

customer’s identity

with Shuftipro.

Let’s prove your customer’s

identity with Shuftipro.