Garmin Paid Ransom



So Garmin paid.

Last week Garmin was infected by ransomware. The ransom initially was somewhere around 20-40m in order to unlock their files. During this time all Garmin services were down.

It looks like Garmin paid the ransom, as they received a decryptor. BleepingComputer posted yesterday that the Garmin IT team put out files for users to decrypt their computers and for the team to decrypt their servers.

This leads me to believe there was something seriously wrong with the way Garmin's network/security and DR process was configured. Even if you get infected by ransomware (which in an organisation this large should not happen), you should be able to recover from backups.

Since all their services went down as well, it seems to show their local network and production systems were all linked with very little security in between.

This should be a wake-up call to many businesses to get their security sorted. We've heard of many successful ransomware attacks on New Zealand businesses over the last couple of months.

With the right services in place, it is very hard for ransomware to infect your system, let alone even get to your systems in the first place.

