CDK Global Ransomware Attack Crashed Auto Dealerships
The ransomware attack caused $1.2 billion in losses to the auto industry.
In the heart of Summer 2024, auto dealerships across North America couldn’t do much of their business for a few weeks because their computer systems were worthless.
Suddenly, their operations screeched to a halt. The dealerships couldn’t access the computer programs that helped them sell cars, offer financing and insurance, or schedule customer maintenance. It wasn’t their fault; it wasn’t just a coincidence that nearly 15,000 dealerships had the same issue simultaneously. Soon, they all knew what had happened.
It turns out that CDK Global, a primary provider of services to the dealerships, suffered a cybercrime: a ransomware attack that knocked the company’s systems offline and rendered them useless…even unavailable.
The CDK Global Ransomware attack hit the company head-on.
At the heart of the CDK’s problem, they soon announced, was a ransomware attack that brought them to their knees, so to speak, around June 18—the cyberattack, which was attributed to a ransomware gang in Europe. The attackers took over and encrypted (scrambled) files and software critical to CDK’s operations and services.
It took only a few days for the attackers to demand a ransom from CDK, which ultimately paid $25 million to restore its services and files. During that time, CDK was forced to shut down its IT systems while it scrambled to get back on its feet and negotiate with the attackers.
The cost of the ransomware attack was enormous.
- It’s estimated that the attack caused the auto industry 1.2 billion in lost revenue.
- CDK paid the attackers $25 million in ransom to free their systems from the criminals.
- They also lost more than $1 million in lost revenue during the downtime caused by the attack.
It’s often the case that households and businesses do not take action to strengthen their defenses against computer and network attacks until disaster strikes. Today, perhaps the biggest cybersecurity threat is ransomware.
Ransomware, a software program, invades your computer network unannounced and uninvited. It is something like a squatter that invades someone’s property or home illegally and then demands that the owner pay the squatter if they want to get back in their home.
The most significant difference, of course, is that ransomware happens digitally, not physically. Criminals don’t kidnap your network with army squadron guns, like in a Hollywood movie; instead, they invade with stealth, using trickery and more to launch malicious software into your network.
How do ransomware and other malicious software (“malware”) get into a company’s network in the first place? Here are a few ways that can happen.
Types of Ransomware
Ransomware comes in various forms, according to a blog by Cisco Corporation. Here are the different types: They differ in what they are designed or threaten to do:
Crypto ransomware. This flavor has nothing to do with cryptocurrency or digital money. It follows the original definition of cryptography: taking data or information and scrambling it to become unreadable with a digital “key” to decrypt or unscramble it. This attack invades a network, captures essential files and data, and encrypts them. The attackers hold the encrypted data, threatening to hold onto the files until a ransom payment is made for the decryption key.
Leakware is a cruel digital criminal act that is a twist on crypto-ransomware. Not only do criminals infiltrate a network and encrypt valuable data, but they also threaten to leak the data online to other hackers or make it public unless the ransom payment is made. The victim companies often pay because the data, if revealed, could harm the company, its reputation, or its clients.
Locker ransomware. This type of attack puts a freeze on the network, so network users are locked out of their systems. It’s like having useless computers and workstations, except that the ransom demand note is easily readable to the victims. The intent isn’t to destroy the data but to squeeze a ransom payment from the businesses that desperately want to get back to business.
Scareware. This is more of a sneaky or dirty trick played by a hacker-scammer who directs network attacks. The victims’ computers suddenly show a series of scary-sounding pop-up ads saying their computers have been infected with malware. The truth is, they haven’t been…not yet. The victims (who often believe the message because it is worrisome) take the next step, as the pop-up instructed—they purchase antivirus software supposedly needed to fight off the malware. Sometimes, the software purchased is worthless and harmless. In the worst case, software installs malware, which could steal sensitive and valuable information from the victims’ computers.
Small businesses and consumers can experience “ransomware-like” attacks
Because businesses and organizations are the prime targets for hackers, consumers, and individuals aren’t likely to see the types of ransomware mentioned above.
However, that does not mean they are out of the woods or safe from attacks. As we outlined in a consumer-focused article on ransomware, everyday households and small businesses need to keep their guard up. You can read our article, “What Is Ransomware?” on WhatIsMyIPAddress.com.
Also, small—to medium-sized businesses are not immune to ransomware attacks.
How to fend off ransomware attacks.
Consider this: You think your nice car will never be stolen…until it is, or you feel your house will never be broken into and your valuables are ransacked…until that happens. Sadly, it’s often the same with ransomware—businesses learn the hard way that their defenses are not as strong as they hoped. They realize they should have paid more attention to the possibility of a ransomware attack. It’s often until disaster strikes that people take action to strengthen their defenses.
By the way, it’s the same for consumers and households: prevention and protection are similar on a smaller scale.
How can you prepare for a ransomware/malware attack?
Here is a quick list of the best practices cybersecurity experts recommend organizations take to minimize the possibility or impact of a ransomware attack. Remember, it comes down to stopping hackers from infiltrating your network and gaining access to important data.
- Protect your accounts and applications.
- Limit the information you post on social media.
- Install and update top-notch antivirus software.
- Keep your IT systems continuously updated.
- Limit who has access to precious data.
- Backup your files regularly and securely.
- Train key personnel on ransomware prevention methods.
- Take steps to filter spam and block phishing attacks.
- Implement a “zero-trust” model that requires any user or device to pass strict identity verification. This will prevent outsiders from easily gaining access.
It’s clear that all businesses need to do the same thing that hackers have done—they need to up their game and improve their defenses. Whether creating a more robust internal IT/cybersecurity team, obtaining new software, or hiring an outside service provider, businesses need to be more prepared than ever and stay prepared.
Follow the Easy Prey podcast.
Chris Parker, CEO of WhatIsMyIPAddress.com, is also the host of the Easy Prey Podcast. He has interviewed more than 200 guest experts on topics ranging from ransomware and cybersecurity to Artificial intelligence and romance scams. You can find the Easy Prey Podcast on your preferred podcast platform, or click the link below to go to the EasyPrey.com website and view the episodes.
Related Articles
- All
- Easy Prey Podcast
- General Topics
- Home Computing
- IP Addresses
- Networking Basics: Learn How Networks Work
- Online Privacy
- Online Safety
A Cybersecurity Framework for Protecting What Matters
The world of online threats is ever-changing. Sophisticated phishing, AI-powered attacks, and more are making it ever…
[Read More]There’s No Such Thing as a Safe Account
You get a call from your bank’s fraud department. There’s been fraud on your account – a…
[Read More]What to Do if a Loved One Lost Money to a Scammer
Scams and scammers are everywhere. Even if you haven’t personally been caught in a scam, you probably…
[Read More]Identity Crimes: Impact and Recovery
It’s not just identity theft anymore. Criminals have expanded to a whole range of identity crimes. And…
[Read More]How to Set (and Achieve) Good New Year Resolutions
It’s the time of year when people start thinking about New Year resolutions and making changes in…
[Read More]ALERT: Protect Your Email Account Like You Protect Your Front Door
Once email addresses fall into the wrong hands, there’s a greater chance the criminals might work on...
[Read More]