Update as of July 11, 2024
In late June, more than 15,000 car dealerships across North America were affected by a cyberattack on CDK Global, which provides software to car dealers. After two cyberattacks over two days, CDK shut down all systems, which caused delays for car buyers and disruptions for the dealerships. Many dealerships went back to manual processes, including writing up orders by hand, so that sales could continue at a slower pace.
Car buyers who recently bought a car from a dealer using CDK software should assume their information has been breached. Information that could be compromised includes Social Security number, employment history, income and current or former addresses. Customers should contact the dealer to confirm whether it uses CDK and, if so, consider freezing their credit.
Auto dealerships are increasingly concerned with cybersecurity in the face of new regulations and an alarming rise in cyberattacks. The Second Annual Global State of Cybersecurity Report by CDK Global found that 85% of dealerships say cybersecurity is very or extremely important relative to other operational areas. Additionally, 89% say cybersecurity is more important than last year, a 12% increase. Not surprisingly, only 37% of auto retailers are confident in their current protection, which is a 21% decrease from 2021.
The study also found that dealerships experienced an average of 16 days of downtime after a ransomware attack, with an average payout of $228,125. However, the biggest cost of an attack for dealerships is likely the damage to customer loyalty. Some 84% of customers say they would not buy another vehicle from a dealership if a breach compromised their data.
With 36% of data breaches at dealerships related to phishing, it’s not surprising that dealerships rated phishing as their top concern. Other top threats included ransomware, lack of employee awareness, theft of business data, PC viruses or malware and stolen or weak passwords.
Increased vulnerabilities at dealerships
Attacks that stem from phishing schemes typically trace back to user error. According to the National Automobile Dealers Association Workforce Study, the annual turnover rate across all dealership positions is 24%. While this rate has gone down in recent years, dealerships still see relatively high employee turnover. This makes training and compliance a continuing challenge.
Dealerships also typically have unsecured wireless networks for customers to use while at the dealership. While this is a nice perk for customers, especially those waiting for their cars to be serviced, hackers can more easily gain access to customer data through unsecured networks. By moving customers onto guest networks and requiring passwords, dealerships can provide more protection and decrease risk.
The CDK Global study found that almost 60% of dealerships plan to increase their IT infrastructure investments. Top investments included antivirus and malware protection tools, which saw a 31% increase from 2021. According to the report, dealers also are updating cybersecurity measures that will protect them from top threats such as phishing and ransomware. Other planned investments reported by dealerships include securing endpoint devices, investing in cybersecurity insurance and continued staff training.
Dealerships must comply with Safeguards Rule by June 2023
In addition to the increased threats, many dealerships are focusing on cybersecurity to comply with the FTC Safeguards Rule. While the rule was initially planned to take effect in December 2022, dealerships got an extension until June 2023 to meet the requirements. As non-bank financial institutions, auto dealerships specifically fall under the Safeguards Rule, which requires businesses to develop, implement and maintain a comprehensive security program to keep their customers’ information safe.
To meet the requirements, dealerships must:
- Designate a qualified individual to oversee their information security program
- Develop a written risk assessment
- Limit and monitor those who can access sensitive customer information
- Encrypt all sensitive information
- Train security personnel
- Develop an incident response plan
- Periodically assess the security practices of service providers
- Implement multifactor authentication or another method with equivalent protection for any individual accessing customer information
Even with the six-month extension, dealerships must act quickly to meet the new regulations. The requirements for compliance take careful planning and time for implementation. By beginning today, your dealership will be ready both to meet the new regulations and to reduce your vulnerability.
If you are experiencing cybersecurity issues or an incident, contact X-Force to help: US hotline 1-888-241-9812 | Global hotline (+001) 312-212-8034.