Explaining the Car Dealership Cyberattack

July 01, 2024

Introduction

Cyber attacks are becoming more prevalent through the entire world. They are becoming more intense and many of them are getting more media attention, as shown by the CDK cyber attack and the car dealership industry. Financial organizations are primary targets for bad actors, but time and time again, these attacks have become more prevalent in other industries as well.

The complacency and state of information technology environments have been a problem for a long time. Many IT systems haven’t been updated in decades, and even then, some do not take cybersecurity or information security seriously. The car dealership industry was hit with a powerful ransomware attack and many of these companies are losing millions of dollars because of it.

What is the CDK cyber attack?

CDK Global is a provider of software that car dealerships use across the US. It provides information to these car dealerships, giving them proper technology, data, customer relationship information, finances, insurance, and more. They deal with a lot of important customer information, so it is a prime target for bad actor groups like BlackSuit, the perpetrators of this specific attack.

This hacker group has successfully infiltrated CDK Global’s network, stealing data on millions of customers and putting ransomware on much of their network. However, because CDK did not have proper information security defenses in place, they are considering paying BlackSuit the millions of dollars in ransom to release their data so that they can get up and running again. However, it has been a week since the attack and they still haven’t been able to get their systems back online.

What is ransomware?

Ransomware is a cyberattack on an institution where a bad actor or a group of bad actors will get into a network or database to steal and encrypt information. This malicious program or script will lock down this data or network where it can only be unlocked through a password or key. The bad actors will demand payment for this key.

However, the bad actors are not required to give this key, even if the ransom is paid. Most organizations are encouraged not to pay these ransoms, but sometimes, like in the case of CDK and the car dealership industry, it has to be. There are many ways to circumvent even having the conversation with the hacker groups, however, with proper information security and cybersecurity policies and procedures.

Ransomware can be put on any network or database, no matter what the industry is. This malicious attack can be performed through simple methods of phishing and various social engineering tactics. A simple click can cause this ransomware to be transferred through multiple networks, stealing information like administrative accounts and passwords, leaving systems open and easily attacked.

Preventing Ransomware

No matter if you’re a car dealership, bank, credit union, or hospital, proper information security and cybersecurity defenses can prevent ransomware. The main ways to do this are through security awareness training, considering human error is the biggest reason for the success of these attacks. Security awareness training will always keep employees and personnel at their most vigilant.

Tabletop testing and incident response plans are another way that businesses can remain safe against these attacks. A big part of incident response plans is to have backups or different databases that can house up-to-date information. Even if something is attacked with ransomware and encryption, a simple backup can prevent millions of dollars from being lost.

Conclusion

Ransomware is becoming increasingly visible across the world. News outlets are covering them and the public is becoming more aware of these attacks like the one on CDK Global and the car dealership industry. As such, a more critical eye is being turned toward those who fail to protect customer information.

For bigger businesses, this is sometimes okay, considering they have insurance and other failsafes to keep their company from going under. However, for smaller businesses, that can spell disaster and can easily bring them under. A business’s size is irrelevant when it comes to bad actors, as displayed by the car dealership industry and, previously, the MGM cyber attack.

Proper cybersecurity defenses can go a long way in protecting not only the business, but the customers who use the business as well. It is becoming more important than ever to have proper information security, considering these ransomware attacks and hacks have become more and more complex. Security awareness training, tabletop testing, and vulnerability scans are things that can be done to prevent these, so make sure your cybersecurity is up to date in your business.

Eddy Berry, Security Research Analyst

Eddy has been researching cybersecurity for a few years now. Finding specific trends and best practices is something he takes pride in, assisting in finding news and government regulation that are on the rise. He researches topics and writes articles based on current events and important vulnerabilities that are affecting people, always hoping to get the necessary cybersecurity steps to those that need them.