Do they not have backup tapes? My father is the IT guy at Birds Eye (A large food manufacturer in the UK for those not aware) and I remember going in with him most Sunday evening’s as a kid to change the backup tapes. If that is the case why not format and restore, and if not then why the hell hasn‘t a massive company such as Garmin not got a robust offline backup system?
I’m pretty sure that I’ve seen recently that you can get those tapes in massive capacity’s of a terabyte or greater nowadays. I remember my dad having to change multiple of these tapes at a time back in the day too, so capacity shouldn’t be an issue just the time to dig out the tapes and restore them.
IT Systems have pushed far further into the core infrastructure of any company. When I started work (for a frozen food firm that used to place orders with Birds Eye, strangely enough), we could operate using manual systems if the computers went down. No firm can operate for long without IT now, so they have redundant systems (one live, one spare). This means..
> The rise of having full redundancy has grown, you do hot swaps between two sets of identical hardware should the primary one go down. You can have a major hardware failure and the end user not even know anything about it. This means you rely a lot less on backups, like you did before. This is what firms focus on mainly when testing, rather than a testing for an all out attack.
> If you do restore from backup, it's a major pain to get systems back in line again. Can be done, but the way systems are highly integrated with each other means if you go to backup it's difficult to re-align.
> If your backup has the malicious code on it, having them doesn't really help. The malware can be sitting there for months before they activate it.
> As their entire system is corrupted, you can even get on to the systems to simply kick off a restore from backup. Think of it like when your iPhone is completely bricked and won't even boot up. You need some serious work to kick it back into life. Pressing and holding the power button for 10 seconds won't do a thing.
The people behind this attack knew what they were doing. I do feel for Garmin, someone somewhere accidentally left the back gate open and it's cost them dear.
That said, as a Garmin user, any sympathy I do have for the IT team does not extend to their Communications team....the lack of info, the terrible FAQ thing they sent out etc is just shocking. Complete disdain for their customers.