CDK Global, a leading provider of software solutions for automotive retailers, has recently experienced a significant cyberattack, raising serious concerns across the industry. The breach, which has affected various dealerships, involved sophisticated methods aimed at stealing user and client data. This incident underscores the critical need for robust cybersecurity measures within the automotive retail sector.
According to a report released by CDK Global, the cyberattack utilized phishing scams as a primary method of infiltration. This method has been identified as the top threat for the third consecutive year. The phishing scams involved fake emails from trusted internal and external sources, posing substantial risks to auto retailers, including IT-related business interruptions, ransom demands, financial loss, and damage to the dealership’s reputation.
David LaGreca, senior vice president and general manager of IT Solutions at CDK Global, emphasized the importance of employee awareness training in preventing such attacks. “Cybercriminals are increasingly targeting auto retailers utilizing sophisticated methods meant to appear from secure and trusted sources. Unfortunately, human error can waylay the best-laid plans and put a dealership at serious risk,” LaGreca stated.
The report further highlighted that 46% of cyberattacks on dealerships resulted in a negative financial or operational impact, including employee downtime (69%), hardware or software replacement (46%), and damage to the dealership’s reputation (31%).
In response to the attack, CDK Global has urged dealerships to appoint qualified individuals to oversee cybersecurity, utilize multifactor identification, and establish preventative and recovery plans ahead of potential cyberattacks. These measures, according to CDK Global, can significantly minimize the impact on a dealership’s IT network.
The findings from CDK Global’s research also indicated that 75% of dealers who updated their security policies to meet the Federal Trade Commission’s (FTC) June 2023 compliance deadline are already seeing improvements. This includes appointing a cybersecurity officer (85%) and implementing ongoing cybersecurity training for employees (73%).
For more detailed insights and the latest developments, visit CDK Global’s official.
This incident serves as a stark reminder that in today’s digital age, it is not a matter of if a cyberattack will occur, but when. Dealerships must remain vigilant and proactive in their cybersecurity efforts to protect their data and maintain the trust of their customers.