‘Extortion’: Car dealers incapacitated by successive cyberattacks in the US and Canada

Vehicles outside a car dealership in Colorado. CDK Global, a company that provides software to thousands of car dealerships in the U.S. and Canada, has been hit by several consecutive cyberattacks. Photo / David Zalubowski, AP, File

Auto dealerships across North America faced significant disruption after CDK Global, a company that provides software to thousands of dealerships, was hit by a series of consecutive cyberattacks.

An Eastern European cybercrime group demanded extortion money, according to a Bloomberg report over the weekend.

The attacks caused an outage in the US and Canada on Wednesday, and the problem had still not been resolved this morning. The software company told CNN that the necessary repairs would take several days.

For potential car buyers, this can lead to waiting times at the dealership or handwritten vehicle orders.

Thad Szott, whose family owns car dealerships in Michigan, told the Detroit Free Press that at least half of the dealers across the country were struggling with the situation. They sell Ford, Chrysler, Jeep, Dodge, Ram and Toyota.

“CDK is basically our operating system in our dealerships, which handles all of our accounting, helps us process lease payments, cash prices, find parts, and write repair orders. Basically everything that runs in the dealership runs on the computer,” Szott told the Detroit newspaper.

“Rumor has it that there is some kind of ransom demand and they had to shut down the system to make sure there was no data leak,” Szott added.

CDK Global is a major player in the auto sales industry. Based near Chicago, the company provides dealers with software technology to help them with their daily operations, such as vehicle sales, financing, insurance and repairs.

CDK was “actively investigating a cyber incident” and the company shut down all of its systems out of an abundance of caution, spokeswoman Lisa Finney said Wednesday.

Finney said CDK had “conducted extensive testing,” consulted with outside experts and restored its core DMS and digital retailing solutions by the afternoon.

But CDK experienced another “cyber incident” on Wednesday evening, Finney said in an update the following day.

“We remain vigilant in our efforts to restore our services and get our merchants back to normal business operations as quickly as possible,” she said.

On Friday morning (US time), a recorded message from CDK on a hotline with updated information for its customers said: “We do not have an estimated timeframe for resolution – and as a result, our merchant systems will likely be unavailable for several days.”

The message added that the company was aware of “malicious actors” posing as CDK members or partners and attempting to gain system access by contacting customers.

Warning about phishing scams

Employers are urged to be cautious of any phishing attempts.

Several major automakers – including Stellantis, Ford and BMW – confirmed to the Associated Press on Friday that the CDK outage had affected some of their dealers, but that sales operations were continuing.

Given the ongoing situation, a Stellantis spokesperson said many dealers have switched to manual processes for serving customers.

This also included writing down orders by hand.

A Ford spokesman said the outage could cause “delays and inconvenience for some dealers and some customers.”

However, many Ford and Lincoln customers continued to receive sales and service support through alternative dealer channels.

Several major automakers, including BMW, confirmed that the CDK outage had affected some of their dealerships, but said sales were continuing. Photo / Ana Brigida, The New York Times

With many details of the cyberattacks still unclear, customer privacy was also a priority – especially since little is known about what information may have been compromised over the course of this week.

In a statement sent to AP on Friday, Mike Stanton, president and CEO of the National Automobile Dealers Association, said dealers are deeply committed to protecting customer data.

Stanton said the association is actively seeking information from CDK to determine the nature and scope of the cyber incident so that dealers can respond appropriately.

Stanton added: “Thousands of franchised new car dealers rely on CDK to conduct their business and this outage has impacted dealers’ ability to provide a seamless customer experience and process transactions efficiently.”

Automaker Ford told CNN it was working with dealers to set up alternative software systems and other workarounds.

In March this year, a cyberattack and extortion attempt by foreign hackers resulted in confidential customer information being stolen from a New Zealand software company that provides services to car dealers and repair shops.

Software company Auxo has approached the High Court seeking an injunction to stop anyone from using or disclosing customer information that may be published online.

– Reporting by NZME and The Associated Press.