Car Dealerships Are the Latest Victims of Massive Cyberattacks

By: Stephanie Bontorin | Published: Jun 20, 2024

Thousands of car dealerships nationwide were forced to temporarily shut down their operations on Wednesday. Experts say a cyber incident at CDK Global, a large software provider that works with dealers across the US, interrupted sales and service departments on the busy holiday.

Cyberattacks and ransomware have become more common in recent years. Most large companies and institutions use online payment companies to run operations, which can often create a backdoor for hackers to sneak in through.

CDK Global Reacted Quickly To the Disruption

Once the company noticed a major disruption in its usual business operations, it “shut all systems down, executed extensive testing, and consulted with external third-party experts.”

A spokesperson for CDK, Tony Macrito, said in an email that the company’s core product, a management system, and its digital retailing solutions were restored quickly after the attack began. Comprehensive testing will continue as updates bring more systems back online.

Details of the Security System Delay

The system that many car dealerships use to conduct most normal business went down around 2 a.m. Eastern time. Brad Holton, the vice president of Proton, a cybersecurity firm that serves auto dealers, first noticed the delay.

At the time, CDK provided little information on the attack. The outage caused many dealerships to shutter operations on a busy holiday Wednesday. Some dealerships opted to use paper record keeping for things like routine oil changes until the systems came back on.

Many Dealerships Struggled With the Shutdown

Plenty of dealerships nationwide had an extremely difficult time resuming normal operations during business hours. A BMW store in Manhattan was forced to stop all business and tell its customers that it had no idea when it could resume.

Claire Glassmire, a receptionist at Barbera’s Autoland in Philadelphia, said, “We can’t access customer records, can’t set certain appointments. We can’t even print a repair order.”

Recent Ransomware Attacks Crippled Health Care Networks

In the past four months, multiple large-scale ransomware attacks completely shut down the ability of care providers to operate normally.

Ascension, a company that runs various clinics and hospitals in the U.S., lost the ability to take any payments for three days. To resolve the issue, the CEO of the company paid hackers more than $22 million to restore their operating systems to normal.

Customer Data Is at Risk During Cyber Attacks

Although it can be inconvenient for companies to halt their operations for days at a time, customers should also be worried about what hackers might do with their personal data.

In many cases, sensitive financial information can be stored in computer networks. Although companies should all have comprehensive firewalls and cyber security teams, hacks and invasions can still happen.


How Do These Attacks Happen?

It might sound scary, but the truth is that there are large networks of criminals who use the internet to their advantage. In many cases, hacking groups will stalk different companies until they find a vulnerable spot.

Then, the hacker groups deploy something called ransomware. They disable the normal operating systems in a large company and ask for a large sum to be paid to turn their systems back on.


Details on CDK Global

An investment company called Brookfield Business Partners agreed to buy CDK in an all-cash deal in April 2022 that valued the company at $6.4 billion.

Often, hackers won’t be shy. They’ll go after multi-billion dollar corporations as they know that the business most likely has millions in cash to spend.


What Does CDK Provide?

CDK offers dealership services such as online booking platforms, scheduling, electronic signature capabilities, messaging tools, and payment systems.

Most car dealerships prefer to be on the same system as the other lots under their namesake to make it easier for customers to receive service in different cities.


Car Dealerships Might Be Wary of Working With CDK in the Future

Mike Stanton, the president and chief executive of the National Automobile Dealers Association, claims, “Dealers are very committed to protecting their customer information.”

He also noted that the association will be “seeking information from CDK to determine the nature and scope of the cyber incident so they can respond appropriately.”


Hackers Did Not Deliver a Clear Message

Normally, in these instances, the hackers will deliver a clear message about what they want. Usually, they want a ransom in the form of a wire transfer to an off-shore account.

It’s currently unclear how the hackers gained entry into the security system or what they wanted. One thing is for sure, though: companies will need to review and update their cyber security presence in the future.


Operations Returned to Normal on Wednesday Night

As of Wednesday afternoon, some dealers’ systems were partially functioning. Later in the day, cybersecurity teams were able to reinstate the normal functioning of the scheduling and payment platforms.

For now, it’s unclear what the hackers wanted from CDK and if they could receive any ransom payments from the company. A comprehensive review is ongoing to discover the weak spots in CDK’s firewalls and security channels.