
By: Patrick Martin on June 25, 2024


The CDK Global Cyberattack And How To Protect Your Dealership

Cybersecurity | Information Security

If you own or manage a car dealership, you rely heavily on technology, from managing vehicle inventory to creating sales orders and processing loans.

That is why on June 19, 2024, most dealerships faced a major hurdle to keep their doors open and business operational due to the cyberattack that halted CDK Global, a widely used dealership management system (DMS).

The malicious actors behind the attack forced CDK Global to shut down its systems, and most dealerships were scrambling to stay open and resorted to doing business the old-fashioned way, with pen and paper. Many dealerships reported lost sales and frustrated customers, and are now realizing what a crucial role cybersecurity has in the auto industry.

As an IT services provider that works with customers in the auto industry, we have identified how to help car dealerships leverage technology as an advantage to not only stay ahead of cyberattacks but also boost their productivity.

I’m not writing this article to try to convince you to work with us. I’m writing it to provide honest, unbiased information that benefits you, so you can make the right IT decisions to keep your dealership secure and avoid becoming a potential victim of cybercrime.

In this article I will explain what exactly CDK Global is and why dealerships rely on it. I’ll also discuss how the recent cyberattack may affect your dealership with regard to the FTC Safeguards Rule. And finally, we’ll cover how you can put your dealership in the best position to stay ahead of cyber incidents like the CDK Global outage.

What Is CDK Global And Why Does It Matter To Dealerships?

CDK Global is a key software application that the majority of car dealerships use.

It’s a Dealership Management Software (DMS) that helps them manage the core functions of their business, such as vehicle inventory management, sales and customer relationship management, financing and loan processing, and even some aspects of their parts and service department.

When CDK Global's systems went offline on June 19, 2024, many dealerships had nowhere to turn. Processing car deals became increasingly difficult, and many dealerships lost revenue and had frustrated customers walking out their doors.

The full extent of the data breach is still being investigated, but what is even more concerning is that dealerships have yet to understand what data security repercussions they are facing. How much customer, employee and other sensitive information has been leaked?

If a dealership is affected by the CDK cyberattack and customer data is compromised, they could be held liable for failing to comply with the FTC Safeguards Rule.

How Does The CDK Global Cyber Attack Affect Your Dealership If You Are Not FTC Compliant?

According to the FTC, the amended Safeguards Rule mandates specific reporting procedures and requirements for non-banking financial institutions, including motor vehicle dealers, to develop, implement, and maintain a comprehensive security program to keep customer information safe.

The amendment requires all dealerships to notify the FTC as soon as possible, and no later than 30 days after discovery, of a security incident involving the unauthorized access of unencrypted customer information of at least 500 consumers, whether or not the consumer is actually affected.

Auto dealerships handle a huge amount of Personally Identifiable Information (PII) including driver’s license, social security, bank account, telephone, and credit card numbers, as well as addresses and birthdates.

As a result, all auto dealerships are subject to the rule and must comply with its data security and reporting requirements.

After the CDK Global attack, if you are not FTC compliant and sensitive information and data are leaked, your dealership could face severe consequences like hefty fines and reputational damage.

How To Protect Your Dealership From Future Cyber Attacks

You now understand why the CDK cyberattack was so devastating for dealerships. The most important takeaway is that cybersecurity is a moving target. There is no “set it and forget it” solution. Continuous improvement of your protections is essential to help keep your data and that of your customers safe. 

So how do you protect your dealership from the next cyberattack?

A proactive IT approach will help your dealership implement measures that help strengthen your data security protocols and improve your overall cybersecurity. It’s all about having a layered security foundation that reduces the risk of your dealership having a cyber incident.

Here are 4 essential steps your dealership can take:

1. Conduct An Internal Vulnerability Scan And Penetration Test

Regular internal vulnerability scans and penetration tests help identify vulnerabilities in your infrastructure, so that you can address them and strengthen your overall security.

An internal vulnerability scan uses an automated tool to identify everything that is running on your network(s) and find weaknesses in devices, servers, and applications.

A penetration test is basically a simulated and controlled cyberattack. It gives you an idea of how secure your business is when dealing with malicious actors or cyber incidents.

Penetration testing usually involves an IT security expert who pokes around your network to see what vulnerabilities exist and what the consequences would be if those vulnerabilities were exploited by someone with malicious intent from inside or outside of your organization.


Related article: How To Assess Cyber Risk: IT Vulnerability Scan Vs. Penetration Test


2. Strengthen Your Cybersecurity Protocols

People often ask what’s the best way to recover from a cyber incident. My advice is, rather than wait for an attack, be proactive and put in place key cybersecurity protocols and tools to strengthen your defenses and become a less attractive target for hackers.

Here are some of the tools to consider:

  • Encryption

Encryption scrambles data to help protect information from hackers or other unauthorized people. A decryption key (which can consist of a password or series of numbers) is required to decode the data when it arrives at its destination.

  • Anti-spam Filters

Anti-spam filters check your emails against industry-standard criteria and criteria you define specifically for spam, phishing emails and malware.

Inbound and outbound items that fail these checks are quarantined and not delivered, which reduces dangerous and unnecessary email and prevents the distribution of malware and spam to your contacts.

  • Anti-malware

Anti-malware software scans files and programs looking for software that is known to be malicious.

Anti-malware defends before, contains during, and helps remediate after an incident. It constantly tracks programs and applications, so you know exactly what’s running where and when across your endpoints, and sends alerts if a program suddenly turns malicious.

  • Multi-Factor Authentication (MFA)

MFA is a security tool that requires users to provide multiple pieces of identification before they can access an application, website, or other IT service, providing a more layered security approach for your dealership.

3. Employee Security Awareness Training

When it comes to cybersecurity, your employees can be your strongest defense or the weakest link. Having a security awareness training program in place helps keep cybersecurity top of mind for all employees. It educates them on emerging threats and helps them recognize and report suspicious activity that could potentially lead to a cyberattack.

Employee security awareness training is one of the most cost-effective and under-used cybersecurity tools. Learn why it’s important to provide security awareness training for employees.


Related article: What Is Employee Security Awareness Training? Do I Need It?


4. Develop, Maintain and Improve Business Continuity & Incident Response Plans  

Even after taking precautions, an incident can still happen. The best way to respond is by taking proactive action now and developing an incident response plan before anything happens.

By having a plan in place with clearly outlined protocols and procedures, you put your dealership in the best position to respond should you fall victim to a cyber incident.

Additionally, testing this plan often allows you to identify what works and what doesn’t. This means you'll be able to respond quickly and effectively to minimize damage when an attack actually occurs.  

Here are the essential components of a successful business continuity and incident response plan:

  • Regular Data Backups

Know how often backups occur and where they are stored. Practice retrieving a recent backup so that you know how to access your data. Ensure that the backups contain the information you think they do so that you can respond quickly to restore operations if and when an incident occurs.  

  • Clear Steps For Identifying & Containing A Cyber Incident

What actions are necessary? In what order will they be performed? Who needs to be informed (include customers, regulatory agencies, and other stakeholders)? Which external service providers will you need (legal, public relations, etc.)?  How will your dealership adhere to the FTC’s reporting requirements and timeframe? 

  • Responsibility & Personnel

Who is responsible for which actions? How quickly do they need to happen? 

  • Post-Event Debrief

Have frequent reviews of your processes and procedures. Continually assess your plan and see where improvements can be made. One of the most important aspects is making sure you constantly test and review your plan. 

How did things go? What are the procedures you’ll use to investigate the root cause and prevent future incidents? What else can you improve?

What’s The Bottom Line?  

After reading this article, you now understand what CDK Global is and why the cyberattack affected so many dealerships. Although you most likely don’t yet know the extent of the attack and whether your dealership’s sensitive information was leaked, you do now understand how your dealership may be affected if you are not compliant with the FTC Safeguards Rule.

The biggest takeaway of this article is that cybersecurity will never be a stationary check box for your dealership. Cyberthreats are constantly evolving and so should your cybersecurity defenses.

By taking a proactive approach to your IT, you will be prepared and have the ability to protect sensitive information for your customers and your organization, and reduce the risk that your dealership will become a victim of cyber-crime.

Some organizations have dedicated internal staff available to support their cybersecurity efforts. Others look to external IT providers to fill in the gaps. 

If you are considering working with an external IT provider, we encourage you to check out several options so you can find one that is the right fit for your organization. Ideally, you’ll want a partner who has worked with dealerships in the past and understands the ins and outs of the auto industry.

Here are some of the advantages a managed service provider offers: proactive monitoring, threat identification, and incident response protocols. In addition, your organization has access to a wide range of experts with broad cybersecurity experience at a fraction of the cost of hiring a dedicated IT team.

No matter how you choose to move forward, take the time to honestly assess your risk, evaluate your current infrastructure for vulnerabilities, and mitigate as many weaknesses as you can.


About Patrick Martin

As vice president, engineering services, Patrick tackles technical challenges on a daily basis. He enjoys working with customers to help them use technology effectively to achieve their strategic business goals and objectives.
