CDK Global’s Cyberattack Disrupts U.S. Car Dealerships

In a significant cyberattack that has disrupted operations across the United States, CDK Global, a leading provider of cloud-based software to automotive dealerships, was forced to shut down most of its systems. This precautionary measure, described as taken “out of an abundance of caution” by spokesperson Lisa Finney, left dealerships resorting to manual, handwritten forms to continue operations.

CDK Global, which supports over 15,000 retail locations in North America, began a system restoration process that is expected to take several days. The company had initially restored some systems, but a subsequent cyberattack forced them offline again. This incident has highlighted the vulnerabilities and rising trend of cyberattacks targeting the auto industry.

Ransom Demands and Cybersecurity Challenges

According to a report by Bloomberg News, an insider revealed that a group believed to be based in Eastern Europe is demanding tens of millions of dollars in ransom. There are rumors that CDK might comply with the demands, though this remains unconfirmed.

The incident underscores the urgent need for fortified cybersecurity measures within the auto industry. Despite CDK Global’s emphasis on a robust cybersecurity strategy, the attack has exposed significant challenges in mitigating such threats. This situation is not isolated, as a recent attack on Findlay Automotive Group further illustrates the growing threat to dealerships.

Dealerships Adapting to Challenges

Dealerships like Northtown Automotive Companies in Buffalo, New York, have implemented contingency plans that allowed them to continue operations using manual methods. Craig Schreiber, one of the company’s owners, noted that their preparedness enabled them to go “old school” with handwritten forms, though he acknowledged the inevitable backlog once systems are restored.

Eric Watson, vice president of sales operations for Kia America, acknowledged the disruption to “many Kia Dealers” using CDK’s platform and advised them to rely on manual tools in the interim. This advice reflects a broader need for dealerships to enhance their preparedness against cyber threats.

Why Are Dealerships Targeted?

Car dealerships have become attractive targets for cybercriminals due to the vast amounts of sensitive customer data they hold, including credit applications and financial information. A 2023 report from CDK highlighted that 17% of surveyed dealers experienced a cyberattack in the past year, with 46% reporting negative financial or operational impacts.

The interconnected nature of dealership systems with external interfaces and often outdated software further exacerbates their vulnerability, as noted in a 2023 article from Zurich North America.