As many as 15,000 auto dealers across the United States and Canada are largely unable to operate as a result of a series of cyberattacks on CDK, a major data provider that runs the software used for everything from negotiating sales to scheduling service. It’s unclear what’s behind the attack – or when CDK will be back up and running.
Motorists in the U.S. and Canada looking to buy, trade in or service their vehicles likely have had a hard time of it this week due to a series of cyberattacks launched against CDK Global, a multinational data provider that supplies a broad range of software and related services to more than 15,000 North American dealerships.
The first attack took place on Tuesday June 18 but, after getting its computer system back online, CDK was hit by a second cyber assault on Wednesday. It is unclear when the company will be back up and running, based on comments made by representatives and notes sent to affected dealers.
An abundance of caution
The attack began late Tuesday, according to cybersecurity publication Bleeping Computer. It impacted everything from CDK’s phones to its IT system. In turn, that hit dealerships whose own computer systems are linked directly into CDK’s,
“Out of continued caution and to protect our customers, we are once again proactively shutting down most of our systems,” the Illinois-based data firm said in an e-mail to customers on Wednesday.
“We are currently assessing the overall impact and consulting with external third-party experts,” the email continued. “At this time, we do not have an estimated time frame for resolution and therefore our dealers’ systems will not be available at a minimum on Thursday, June 20th.”
Attack impacts virtually everything
While each dealership is different, CDK provides software-as-a-service, or SaaS, technology that can be used in every part of a dealership, and for virtually every aspect of its business.
That includes front-end sales and back-end payroll. Dealership report they have lost access to “paperwork” for customers negotiating a vehicle purchase. Service departments have, in many cases, been unable to access scheduling.
“We have customers coming in today who had deals saved in the system,” Jeff Ramsey, an executive with Ourisman Auto Group, which is headquartered in Maryland, told CNN. But because their information has been stored online the dealership may now have to start negotiating from scratch.
“We can’t do much because we can’t access inventory or other records,” one service manager told Headlight.News, asking that his name and store not be mentioned because we was not authorized to speak on the record.
More Retail Auto News
- Study: Dealers Remain Critical to Car Buying Experience
- That Vehicle You Want is Likely in Stock Again — Maybe With a Discount
- Ford Tells Dealers to Halt EV Investments
Ransomware
Efforts to reach CDK by e-mail for comment have gone unanswered. The company’s phone lines have continuously been busy for hours.
That leaves uncertain not only who has launched the cyberattacks but what they are seeking – if anything. In some cases, hackers simply choose to interfere with a company’s operations to test out their capabilities.
But a growing number of cyberattacks involve ransomware. Digital criminals lock up access to a person or company’s data and demand payment before going away. In some cases, they’ve destroyed data when a ransom wasn’t paid. In other instances, hackers have released sensitive information that could involve anything from social security and credit card numbers to evidence of illegal activities.
Cyberattacks, ransomware efforts, in particular, have been escalating in recent years, even as authorities in the U.S. and other parts of the world attempt to crack down.
What next?
Not all dealerships are impacted by the CDK cyberattack, but even those who aren’t are watching and worrying.
“I’m glad to say I use Reynolds software,” one of two CDK competitors, “so we weren’t affected,” said Max Muncey, corporate director at LaFonaine Automotive Group. That dealer group has been in contact with its own data supplier “to determine what security measures it has in place.
LaFontaine, headquartered in Highland, Michigan, has its own cybersecurity team but, “Not being affected (by this cyberattack) doesn’t get us out of the weeds. We’re looking at our protocols but we rely on data services for 99% of our business. If we lose access it would cripple us.”
“There’s not a dealer in the country who isn’t watching this with concern and looking, with pause, for ways to prevent this.”
0 Comments