CDK Global, a major software-as-a-service (SaaS) provider for car dealerships, recently faced consecutive cyberattacks, severely disrupting the automotive sales and service industry. These breaches highlight the increasing sophistication of cyber threats and the widespread implications of such incidents on various sectors.
Initial Cyberattack and Immediate Shutdown
On June 18, 2024, CDK Global detected a cyberattack that led to the shutdown of their data centers, IT systems, and login services. This initial breach caused significant operational disruptions for car dealerships relying on CDK’s platform for sales, inventory management, and customer service. Dealerships, including industry giants like Penske Automotive Group, reported severe outages, affecting both commercial and consumer transactions.
Efforts to Restore Services and Second Breach
As CDK began restoring services on June 19, bringing some systems back online, they were hit by a second cyberattack later that evening. This forced the company to shut down most systems again. Affected dealerships had to resort to manual processes, significantly slowing down their operations. Customers attempting to purchase or service vehicles were turned away, adding to the chaos.
Expert Insights and Industry Reactions
Cybersecurity experts note that these attacks are becoming increasingly sophisticated and damaging. Hackers now infiltrate systems stealthily, often remaining undetected for extended periods before launching debilitating attacks. The shift to interconnected, cloud-based systems, while beneficial for business operations, also creates vulnerabilities that hackers exploit.
Modern hackers are more patient and strategic, often waiting for the most opportune moment to strike. This approach allows them to maximize the damage and leverage higher ransom demands.
Comparisons to Other Sectors
The auto dealership sector is not alone in facing such challenges. Similar cyberattacks have targeted healthcare systems, such as the ransomware attack on Ascension in May and the February attack on Change Healthcare. These incidents highlight a broader trend where critical infrastructure and industries with outdated systems become prime targets for cybercriminals.
CDK’s Response and Ongoing Challenges
In response to the attacks, CDK Global is working with third-party cybersecurity experts to assess the damage and restore services. However, the restoration process is expected to take several days if not longer, with no clear end in sight. An email purportedly sent to CDK customers on Tuesday and shared on social media indicates that the company does not expect to restore services to all impacted car dealerships by June 30th. The company is also negotiating with the hackers, who are demanding tens of millions of dollars in ransom.
CDK’s spokesperson, Lisa Finney, emphasized that they are taking all necessary precautions to protect their customers and prevent further breaches. Despite these efforts, the prolonged outage continues to disrupt dealership operations nationwide.
The Bigger Picture: Cybersecurity in the Automotive Industry
The CDK Global incident underscores the urgent need for robust cybersecurity measures in the automotive industry. Cliff Steinhauer from the National Cybersecurity Alliance points out that auto dealerships, which typically do not specialize in cybersecurity, rely heavily on their software providers to safeguard their systems. This dependency creates significant risks, as seen in the recent attacks.
Given the continued vulnerability of the automotive sector to cyberattacks, primarily due to the lack of dedicated IT security staff at most dealerships, it may be prudent for the industry to explore virtual CISO solutions. Services like those offered by Compass IT Compliance provide access to top-tier IT security and compliance expertise on a scalable retainer basis, offering a cost-effective alternative to hiring a full-time CISO and supporting dealerships in achieving and maintain compliance with the myriad of applicable regulations, such as the Gramm-Leach-Bliley Act (GLBA). Additionally, dealerships should consider implementing robust data center solutions to ensure the secure and compliant backup of critical data and personally identifiable information (PII). This proactive approach can significantly reduce operational risks associated with catastrophic outages.
For more information on mitigating risks and damages from cyberattacks like the recent CDK Global breach, contact our team of experts today.
.webp?width=2169&height=526&name=Compass%20white%20blue%20transparent%202%20website%20(1).webp "Compass IT Compliance")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
No Comments Yet
Let us know what you think