Post-CDK Reality: Cyberattacks on Dealers Are Surging

Threat Intelligence

Post-CDK Reality

The data is in, and it’s grim. According to CDK Global’s own 2024 State of Cybersecurity report, 35% of auto dealers experienced a cyberattack or incident last year. Hackers have realized that dealers are ‘high-value, low-defense’ targets.

Why the Surge?

1. Proof of Concept: The CDK attack proved that the entire industry can be paralyzed by hitting a single point of failure. CDK reportedly paid approximately $25 million in Bitcoin to the BlackSuit ransomware gang to end the attack.

2. Ransom Success: When dealers are desperate to reopen, they pay. This incentivizes more attacks. Total dealer losses from the CDK outage are estimated at over $1 billion, with June 2024 new vehicle sales declining 7.2% compared to the prior year.

3. Data Value: Dealerships hold more comprehensive data on individuals than almost any other retail business (SSNs, credit history, bank info, home addresses).

The New Normal

You cannot assume you are ‘too small to be targeted.’ Hackers use automated tools to scan the entire internet for vulnerabilities. They don’t care if you sell 10 cars a month or 1,000. If your RDP port is open or your staff is untrained, you are a target.

Active defense is no longer optional. It is a prerequisite for staying in business.

Scott Sailors
Scott Sailorshttps://www.hiredhackers.com
Principal Security Consultant with over 20 years of experience in security architecture, engineering, and executive leadership. Holds CISSP, OSCP, CISM, CRISC, Master's and Bachelor's degrees in Cybersecurity with expertise bridging technical teams and senior management to communicate complex security challenges in actionable terms.

Latest articles

Previous article
The Rise of ‘Finders’: Is Your Lead Provider a Financial Institution?
Next article
Wiretapping Lawsuits: Are Your Website Pixels Illegal?

Related articles