Cyberattack Cripples Auto Dealerships: Lessons Learned & Best Practices to Strengthen Cybersecurity


Car dealerships across the US and Canada are grappling with the aftermath of a suspected ransomware attack on CDK Global, a car dealership software company. Dealerships relying on CDK to manage sales, inventory, records, service, and vehicle registrations ground to a halt for almost two weeks. The outage affected 15,000 auto dealerships, potentially resulting in approximately $944 million in direct losses due to business interruptions.

The impact of the CDK Global cyber incident on auto dealerships

During the CDK incident, dealerships were unable to access critical systems, leading to significant delays and potential loss of sales to competitors unaffected by the outage. Dealerships choosing to revert to manual processes not only experienced an increased risk of data breaches, but also a decline in customer service levels. Payroll, parts, and repair operations were also impacted, compounding financial and operational complications.

With sales at a halt, workers worried about how the dealers would make payroll. Per CNN:

“The workers’ concerns illustrate how a cyberattack, even one on something as overlooked as record-keeping and scheduling software, can cripple an entire industry.”

An industry crippled by a seemingly minor third-party system outage

Car dealerships rely on third-party vendors for various routine functions, making them vulnerable to cyberattacks if these vendors lack robust security measures. While CDK Global did not disclose exact details, the outage could have been caused by a ransomware attack, a Distributed Denial of Service (DDoS) attack, a successful phishing campaign, or many other scenarios.

How car dealerships can strengthen their cybersecurity posture

While it’s impossible to eliminate all cybersecurity risks, there are proactive cybersecurity measures that dealerships can implement to minimize the impact of a successful attack.

  1. Regular backups. Ensure that all critical data is regularly backed up and that these backups are stored securely, both on-site and off-site, to allow quick restoration if systems are compromised.
  2. Vendor management. Ensure that third-party vendors, like CDK Global, adhere to stringent cybersecurity standards and regularly audit their security practices.
  3. Incident response plan. Develop and test a comprehensive incident response plan to quickly address and mitigate the impact of cyber incidents.
  4. Cybersecurity training. Conduct regular training sessions for all employees to recognize phishing attacks and other social engineering tactics that could lead to a breach.
  5. Robust security policies. Develop and enforce strong security policies, including the use of complex passwords, multi-factor authentication, and regular password changes.
  6. Software updates and patches. Keep all software and systems up to date with the latest security patches to protect against known vulnerabilities.
  7. Network security. Implement advanced network security measures such as firewalls, intrusion detection systems, and endpoint protection to monitor and defend against threats.
  8. Data encryption. Encrypt sensitive data both at rest and in transit to protect it from unauthorized access.
  9. Access controls. Limit access to sensitive information based on the principle of least privilege, ensuring that employees only have access to the data necessary for their roles.
  10. Regular security assessments. Conduct regular security assessments, including penetration testing and vulnerability scans, to identify and address potential weaknesses in the dealership’s IT infrastructure.
  11. Business continuity planning. Develop a business continuity plan that outlines alternative workflows and temporary solutions to keep operations running during disruptions.

Auto dealerships can’t be caught unprepared when the next disaster strikes. TechMD works with car dealerships across the nation to improve their cyber resilience in a cost-effective way. Take the next step to protect what matters by contacting TechMD for a complimentary cybersecurity consultation today.
