<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=352585001801011&amp;ev=PageView&amp;noscript=1">
Patrick Martin

By: Patrick Martin on December 20, 2024

Print/Save as PDF

Why Cybersecurity Will Remain Critical For Car Dealerships in 2025

Cybersecurity | Business Continuity | Compliance

The rapidly changing automotive industry landscape will bring new considerations for dealerships of all sizes in 2025—and rising cybersecurity threats.

Among the top industry trends on the horizon are: demand for hybrid and electric vehicles (EVs), advanced driver assistance systems (ADAS), connected cars, AI adoption, autonomous driving vehicles, and mobility-as-a-service like Lyft, Uber, and others.

An underlying factor with all of these industry trends is technology.

Given the rapid transformation of the automotive industry, car dealers are searching for strategies that will give them a business advantage in the marketplace.

A good place to start is an often overlooked area: your security posture. Is your network vulnerable for a cyber incident? Have you implemented the most robust security measures to protect your data, laptops, desktops, servers, software, applications, and other critical assets within your IT environment?

After reading this article, you will understand the leading cybersecurity risks for auto dealerships in 2025, with perspective from dealership attacks this year.

You will also learn 8 top security measures you can implement now to help insulate your business from a potentially devastating cyber incident.

Top 7 Cybersecurity Risks For Auto Dealerships in 2025

Cybercrime is big business.

In fact, it’s expected to cost the world $10.5 billion in 2025, according to the World Economic Forum.

Auto dealerships remain compelling targets for cybercriminals because of the sheer volume of personally identifiable information (PII) that they collect, process, and store on their customers.

Auto Dealership Security Threats 

1. Ransomware

Bad actors encrypt an auto dealership’s compromised data and systems, making them inaccessible. They then threaten to release the information or continue to restrict access until a ransom is paid.

Ransomware attacks are projected to continue to be the greatest security threat to auto dealers.


Related Article: How To Protect Your IT Network From Ransomware Attacks


2. Social engineering attacks

Social engineering attacks can take many different forms. Cyber criminals use psychology and human emotions such as fear and urgency to get people to take some action that provides an opening into a dealership’s IT infrastructure.

Phishing, business email compromise (BEC), smishing, whaling, quid pro quo, baiting, and pretexting are just some of the many schemes cyber criminals use to entrap unsuspecting employees into divulging sensitive information or taking some adverse action.

Human error is responsible for as much as 95% of all cyber attacks, according to the World Economic Forum.

3. Malware

Hackers often deploy phishing schemes as a vehicle to gain a foothold into a dealership’s IT network. Once inside, they can launch a malware attack in the following days, weeks, or months to infect the dealer’s systems with malicious software.

4. Distributed Denial of Service Attacks (DDoS)

Distributed denial-of-service attacks are another way for bad actors to target auto dealerships.

With this type of attack, malicious actors will use botnets to hijack devices across a dealership’s network, flooding it with fake traffic and requests. Such attacks can slow the company’s network performance to a crawl or make certain parts of the systems inaccessible.

DDoS attacks are commonly used as a diversion tactic as part of a larger malware attack triggered by an unsuspecting user.

5. Data breaches

Sensitive customer and employee PII or dealership business data can be stolen or compromised in a data breach if cyber criminals gain unauthorized access to your network.

Bad actors, who often work as part of sophisticated cyber gang network, can then sell the information on the dark web for profit.

6. Point-of-Sale (PoS) Attacks

Physical devices such as trojan card readers can be attached to payment machines to steal credit card information.

Perpetrators can also use spoofing techniques to trick individuals into going to malicious websites or email links and entering their payment information.

Since many dealerships are now using mobile PoS devices, this can present even more opportunities for a possible cyber attack.

7. Insider Threats

Unlike other threats, these types of threats originate from within a dealership.

An employee, vendor, contractor, temporary worker, business partner, or any other authorized user, attempts to access sensitive information on your network—be it intentionally or accidentally.

Auto Dealership Cyber Attacks In 2024: A Review

1. CDK Global (June 2024)

Many car dealerships are still reeling from the CDK Global cybersecurity attack last June that crippled auto dealerships across the U.S. and Canada.

The massive ransomware attack on the industry’s leading operational software provider affected an estimated 15,000 North American car dealerships, including more than half of U.S. car dealers.

The three-week disruption from June 19 through July 5, 2024 left dealerships with no way to access critical data, including customer accounts, sales transactions, scheduling, and inventory.

Some dealers resorted to old-school pen and paper to keep the doors open; others were forced to close.

The cyber attack resulted in a combined dealership loss of upwards of $1 billion, according to a report published by Anderson Economic Group LLC, a data analysis and consultancy company.

Those estimates don’t include the ripple effect of damages to customers, reputational damage, litigation costs, and other related expenses.

CDK itself was left with no choice but to pay a $25 million ransom demand to recover sensitive customer information and restore their systems online.

2. Findlay Auto Group (June 2024)

Around the same time as the CDK cyber attack, hackers struck Findlay Auto Group, which operates in Nevada, Arizona, Idaho, Utah and Washington.

The incident left the dealership without access to critical parts of its IT systems, affecting its ability to complete sales and service transactions. Customers launched a class action lawsuit in the wake of that cyber incident.

3. AutoCanada Cyberattack (August 2024)

A crippling ransomware attack against AutoCanada, a North American car dealership operating 83 franchised dealerships across Canada and the US, led to significant sales disruptions that resulted in an estimated $33.1 million is losses.

In this cybersecurity breach, a ransomware gang published terabytes of data it had reportedly stolen from the company, including databases, executives’ personal information, financial documents, employee HR data, and Network Attached Storage (NAS) storage images, according to a report by Bleeping Computer.

4. Asbury Automotive Group (January 2024)

This prominent auto dealership, headquartered in the Atlanta metro area, became a victim of a cyber attack in January 2024. The company operates 31 automotive brands with 113 franchises across 9 states.

In the Asbury data breach, cyber thieves were able to compromise the personal information of an estimated 14,000 individuals, including names, driver’s licenses, and social security numbers.

What Are The Best Ways Auto Dealerships Can Safeguard Their IT Networks?

Auto dealerships don’t have to be at the mercy of ever-lurking cyber criminals.

Besides using antivirus, anti-malware, and spam filtering software, there are other security tools and measures dealerships can take to safeguard their IT infrastructure.

Here are 8 actions to take now to mitigate future cyber threats:

1. Audit your current IT landscape to discover any threat risks

2. Implement stringent security measures within the dealership, including:

  • Use multi-factor authentication
  • Integrate endpoint detection and response tools
  • Encrypt and backup data
  • Design and implement robust firewalls
  • Ensure automated software and operating system updates and patches
  • Install DNS filtering software
  • Implement 24/7 network monitoring
  • Consider using a password manager

3. Use a secure dealer management system (DMS)

4. Develop and implement an incident response plan

5. Provide employee security awareness training

6. Protect data stored on legacy computer systems within the dealership

7. Conduct regular vulnerability scans and penetration tests

8. Obtain cybersecurity insurance


Related Article: Why Building A Culture Of Data Security Is Important For Dealerships


What’s The Bottom Line With Auto Dealership Cybersecurity in 2025?

After reading this article, you now understand the ways in which malicious actors can take advantage of security gaps within your network to launch a cyber attack.

As we’ve shown in the examples above, it only takes one mistake or security gap that could result in a cyber attack that leaves your dealership unable to function and your and your customers’ sensitive information at risk, among other potential harm.

There are, of course, state and federal regulatory requirements that must be part of your strategic cybersecurity plan to identify and correct any potential vulnerabilities. 

Over the years, Kelser has helped businesses like yours become compliant with a number of standards and frameworks, including the Gramm-Leach-Bliley Act (GLBA) “Safeguards Rule." Our staff knows what you're going through and how to get you to your goal of achieving robust network security and compliance.

Use the button below to start a conversation with us about cybersecurity, compliance, or other IT concerns you may have. 

Talk with a Human

 

About Patrick Martin

As vice president, engineering services, Patrick tackles technical challenges on a daily basis. He enjoys working with customers to help them use technology effectively to achieve their strategic business goals and objectives.

Suggested Posts

Visit Our Learning Center