Thousands of car dealerships nationwide were forced to temporarily shut down their operations on Wednesday. Experts say a cyber incident at CDK Global, a large software provider that works with dealers across the US, interrupted sales and service departments on the busy holiday.
The rise of cyberattacks and ransomware has become more normal in recent years. Most large companies and institutions use online payment companies to run operations, which can oftentimes create a backdoor for hackers to sneak into.
CDK Global Reacted Quickly To the Disruption
Once the company noticed a major disruption in its usual business operations, it “shut all systems down, executed extensive testing, and consulted with external third-party experts.”
A spokesperson for CDK, Tony Macrito, said in an email that the company’s core product, a management system and its digital retailing solutions were restored quickly after the attack began. Comprehensive testing will continue as updates bring more systems back online.
Details of the Security System Delay
The system that many car dealerships use to conduct most normal business went down around 2 a.m. Eastern time. Brad Holton, the vice president of Proton, a cybersecurity firm that serves auto dealers, first noticed the delay.
At the time, CDK provided little information on the attack. The outage caused many dealerships to shutter operations on a busy holiday Wednesday. Some dealerships opted to use paper record keeping for things like routine oil changes until the systems came back on.
Many Dealerships Struggled With the Shutdown
Plenty of dealerships nationwide had an extremely difficult time resuming normal operations during business hours. A BMW store in Manhattan was forced to stop all business and tell their customers that they have no idea when they could resume.
Claire Glassmire, a receptionist at Barbera’s Autoland in Philadelphia, mentioned “We can’t access customer records, can’t set certain appointments. We can’t even print a repair order.”
Recent Ransomeware Attacks Crippled Health Care Networks
In the past four months, multiple large-scale ransomware attacks completely shit down the ability of care providers to operate normally.
Ascension is a company that runs various clinics and hospitals in the U.S. and lost the ability to take any payments for three days. To resolve the issue, the CEO of the company paid hackers more than $22 million to restore their operating systems to normal.
Customer Data Is at Risk During Cyber Attacks
Although it can be inconvenient for companies to halt their operations for days at a time, customers should also be worried about what hackers might do with their personal data.
In many cases, sensitive financial information can be stored in computer networks. Although companies should all have comprehensive firewalls and cyber security teams, hacks and invasions can still happen.
How Do These Attacks Happen?
It might sound scary, but the truth is that there are large networks of criminals who use the internet to their advantage. In many cases, hacking groups will stalk different companies until they find a vulnerable spot.
Then, the hacker groups deploy something called ransomware. They disable the normal operating systems in a large company and ask for a large sum to be paid to turn their systems back on.
Details on CDK Global
An investment company called Brookfield Business Partners agreed to buy CDK in an all-cash deal in April 2022, and they were valued at $6.4 billion.
Often, hackers won’t be shy. They’ll go after multi-billion dollar corporations as they know that the business most likely has millions in cash to spend.
What Does CDK Provide?
CDK offers dealership services such as online booking platforms, scheduling, electronic signature capabilities, messaging tools, and payment systems.
Most car dealerships prefer to be on the same system as the other lots under their namesake to make it easier for customers to receive service in different cities.
Car Dealership Might Be Weary of Working With CDK in the Future
Mike Stanton, the president and chief executive of the National Automobile Dealers Association, claims, “Dealers are very committed to protecting their customer information.”
He also noted that the association will be “seeking information from CDK to determine the nature and scope of the cyber incident so they can respond appropriately.”
Hackers Did Not Deliver a Clear Message
Normally, in these instances, the hackers will deliver a clear message about what they want. Usually, they want a ransom in the form of a wire transfer to an off-shore account.
It’s currently unclear who the hackers gained entrance into the security system or what they wanted. One thing is for sure though, companies will need to review and update their cyber security presence in the future.
Operations Returned to Normal on Wednesday Night
As of Wednesday afternoon, some dealers’ systems were partially functioning. Later in the day, cybersecurity teams were able to reinstate the normal functioning of the scheduling and payment platforms.
For now, it’s unclear what the hackers wanted from CDK and if they could receive any ransom payments from the company. A comprehensive review is ongoing to discover the weak spots in CDK’s firewalls and security channels.