CDK Global Wasn’t the Only Cyber Victim
This summer’s cyberattacks on CDK Global’s software systems brought a still-painful period of disconnection that left thousands of auto dealers stuck with manual, preinternet processes.
But what many don’t know is that a rash of similar attacks on auto dealerships followed.
According to data released by Proton Dealership IT and Cybersecurity, a division of Reynolds and Reynolds that serves dealerships, thousands of auto dealers sustained attacks in the days after CDK experienced two attacks leading it to shut down its software systems serving dealerships for more than two weeks.
For fourth months leading up to the spike, Proton says cyberattack activity was at a normal pace. Then in the month after the June 19 attacks, it says such targeting of dealerships surged more than 230%.
In that month, Proton says the dealerships it works with experienced more cyberattacks than occurred in the entire previous three months, and it observed more than twice the serous incidents seen before the attacks.
Three months later, it said cyberattacks against dealerships were still elevated at 155% over the annual average. It projected another surge in the upcoming holiday season, as it said bad actors tend to strike when their targets might be more distracted, including holidays and after-hours.
“The incident this summer exposed vulnerabilities to attackers around the world. Cyberattacks across the industry remain well above levels seen prior to the attack,” Proton said in a report on its findings.
It offered tips for dealerships to protect themselves:
- Training of all employees on phishing and social-engineering tactics
- Email filtering and multifactor authentication-configured cloud systems and remote access for all users
- End-point detection and response programs
- Professional round-the-clock monitoring of dealership security
- A recovery plan in case of a severe attack
“This report underscores how important it is for dealerships to be protected, and those protections are monitored 24/7,” said Proton Vice President Brad Holton. “This is not a problem that is going away anytime soon. It’s too lucrative for criminals to walk away from and you don’t want to be their next victim.”