CDK Cyberattacks: What We Learned and Moving Forward for Franchise Dealers

The recent cyberattacks on CDK Global have served as a stark reminder of the vulnerabilities inherent in our increasingly digital automotive retail landscape. As dealership operators, it is crucial to dissect these events, understand their implications, and fortify our defenses to prevent future incidents. Here’s a detailed look at what we learned and the strategic steps franchise dealers should take moving forward.

Key Learnings from the CDK Cyberattacks

1. The Pervasiveness of Social Engineering: One of the most significant takeaways from the CDK cyberattacks is the critical role social engineering plays in these breaches. Phishing attacks and other forms of social manipulation are primary vectors for cybercriminals. Continuous education and training for all associates on recognizing and responding to social engineering attempts are essential. Regular training sessions, simulated phishing attacks, and a culture of vigilance can significantly reduce the risk of successful social engineering attacks.

2. The Risks of Outdated Technology: The attacks highlighted possible vulnerabilities in CDK’s infrastructure, specifically pointing out that some remote desktop applications that could have been outdated and not equipped with modern cyber protection technologies. These legacy systems not only failed to prevent the attack but also interfered with each other, exacerbating the issue. Moving forward, it is imperative to ensure that all software and systems are regularly updated and patched. Investing in state-of-the-art cybersecurity solutions that offer real-time protection and threat detection is crucial.

3. The Importance of Redundancy: Redundancy emerged as a key factor in maintaining operations during the attack. Dealerships with robust backup systems and redundant operations were better able to withstand the disruptions. Implementing redundant systems for critical operations ensures that even if one system is compromised, others can take over, minimizing downtime and data loss.

4. Streamlined Operations within OEM Portals: The ease with which variable and fixed operations can function within OEM portals needs to be improved. Streamlined and seamless integration between dealership systems and OEM portals can enhance operational efficiency and reduce potential vulnerabilities. Ensuring that these integrations are secure and up-to-date with the latest cybersecurity standards is vital.

Strategic Steps for Franchise Dealers

1. Comprehensive Cybersecurity Training: Make cybersecurity training a cornerstone of your dealership’s culture. Regularly update training programs to cover the latest threats and ensure all employees understand the importance of cybersecurity. This includes recognizing phishing attempts, securing personal devices, and following best practices for data protection.

2. Regular Technology Audits: Conduct regular audits of all technology and systems used within the dealership. Identify outdated or vulnerable software and replace or update it promptly. Ensure that all systems are compliant with the latest cybersecurity protocols.

3. Implement Advanced Cybersecurity Measures: Adopt advanced cybersecurity measures such as multi-factor authentication (MFA), endpoint protection, and network security monitoring. These tools can provide additional layers of defense against potential attacks.

4. Develop a Robust Incident Response Plan: Prepare for the worst by developing a comprehensive incident response plan. This plan should outline the steps to take in the event of a cyberattack, including communication protocols, data recovery procedures, and legal considerations. Regularly test and update this plan to ensure its effectiveness.

5. Partner with Cybersecurity Experts: Consider partnering with managed security service providers (MSSPs) or hiring in-house cybersecurity specialists. These experts can help monitor systems, detect threats, and respond to incidents more effectively than general IT staff.

6. Enhance Redundancy and Backup Systems: Invest in redundant systems and robust backup solutions. Ensure that all critical data is regularly backed up and stored securely, both on-site and off-site. Test these backup systems regularly to ensure they can be relied upon in the event of an attack.

7. Secure OEM Portal Integrations: Work closely with OEM partners to ensure that all integrations are secure. Regularly review and update these integrations to align with the latest cybersecurity standards and best practices.

Conclusion

The CDK cyberattacks have underscored the urgent need for robust cybersecurity measures in the automotive retail industry. By learning from these events and implementing comprehensive security strategies, franchise dealers can better protect their operations, data, and customers. Continuous education, up-to-date technology, and a proactive approach to cybersecurity will be critical in safeguarding against future threats.

By staying vigilant and prepared, dealerships can not only mitigate the risks of cyberattacks but also build a more resilient and secure operational framework for the future.