A recent CDK hack sent a multi-billion dollar industry scrambling

If you’re involved in car dealerships or work in tech, you should care about the details surrounding last week’s CDK hack.

7/17/2024: On June 28th, CDK began the process of restoring operations for dealerships affected by the cyberattack. This started with a small group of dealers, and service was restored gradually across the thousands of businesses facing problems. By July 4th, all companies were back up and running as usual. It's believed that CDK was forced to pay a hefty ransom fee of $25 million in order to fend off attackers.

Since last week, automotive dealerships across the world have been operating in a state of panic. That’s because CDK, a major player in the world of dealer management software, has shut down as a result of cyber attacks. A breach by malicious actors brought CDK to an abrupt halt, disrupting standard operations for the thousands of car dealerships that depend on its services. We dove headfirst into this topic, exploring the whos, whats, and whys at the heart of the story.

What is CDK? 

CDK, or CDK Global, is nothing short of a giant in the automotive industry. Founded in 2014, CDK has since become a global corporation on which thousands of car, truck, and heavy equipment companies rely to provide business-enhancing technology. CDK designed high-functioning software to manage tasks such as tracking vehicle inventory, making itself an indispensable resource for car dealerships across the globe. Using integrated technology, CDK optimizes customer relationship management and manages consumer data. Ironically, CDK software also works to secure client data and shield dealerships from being affected by cyber attacks. Because this corporation offers such a full suite of technological benefits, it’s no surprise its collapse triggered aftershocks throughout the dealership industry.

How were dealerships affected? 

Following last week’s devastating cyber breach, roughly 15,000 dealerships have been temporarily debilitated. Once dependent on CDK’s software to perform routine business processes, dealership employees are now forced to seek creative alternatives. Many have regressed to a time before the Internet, when pen and paper were used to record transactions. Now lacking the efficiency customers are used to, car dealerships have seen numerous delays across the board. CDK software is typically responsible for tracking lot inventory and managing auto loans, but these tasks must now be accomplished by harried employees. Consequently, purchasing a vehicle is a slower, more frustrating process. Likewise, there’s a longer wait for car maintenance due to appointment booking software being down.

Fortune is reporting that CDK is out tens of millions of dollars, having used these funds to pay the ransom being demanded by hackers. Though the exact numbers are not yet known, these persistent issues are sure to mark a period of decreased profit for all companies involved. A class action lawsuit is also in the works, wherein a group of affected dealerships plans to sue CDK. They allege that the corporation’s negligence is part of what led to the data breach, and that it could have been prevented had proper safety measures been put into place. This lawsuit could cost CDK millions more, further destroying its financial state. Meanwhile, businesses worldwide continue reeling as they face frustrating delays, setbacks, and lost money. As CDK rebuilds in the wake of the attack, thousands of dealerships are also left picking up the pieces.

Who is responsible for the cyberattack? 

The enigmatic nature of cyber crimes can make them feel especially scary. Hidden behind the anonymity of the Internet, culprits of online offenses adopt an air of mystery. In the case of the CDK cyber attack, not much has been made public about the criminals behind it. As of now, we know the breach was perpetrated by a group called BlackSuit. Since it first appeared in May 2023, this team of cyber criminals has been wreaking havoc on the Internet. Having hacked over 90 organizations around the globe, BlackSuit has proven its willingness to victimize companies when it spots a vulnerability. Members of the BlackSuit group are known to steal sensitive data and threaten to leak it if compensation is not provided. In one fell swoop, BlackSuit extorts ransom money and paralyzes the business activity of its victims. When they find a company to victimize, they do so without concern for those affected.

What can we learn from the attack on CDK? 

Many times, corporations as big as CDK can appear invincible. Last week’s cyberattack served as a grim reminder that companies, even large ones, have vulnerabilities that can be exploited. It’s important to think proactively about potential cyber attacks, so your company can be prepared if and when it’s targeted by someone with bad intentions. In the aftermath of any large-scale data breach, it’s important to remember the key elements of risk mitigation: employee awareness and data backup strategies. While no business likes to dwell on the potential of cyber attacks, thorough education is necessary in order to prevent them. If employees are trained to recognize data breach attempts, they’ll be equipped to combat them when they appear. Phishing, a kind of cyberattack that targets employees through email to extract data, is one common tactic that must be openly discussed so that it can be avoided. Furthermore, companies must remember how crucial it is that all data be backed up. When data is backed up, the recovery process post-attack will be much smoother. By taking such precautions, companies limit the risk of attack while simultaneously preparing themselves for the worst if it happens.

Learn more at By the Pixel

Like much of the tech industry, we at By the Pixel like staying updated on major trends. Check out our previous projects and see what we’re capable of, and contact us if you’re in need of custom website development.