Last week, CDK Global, a major dealership management systems (DMS) provider, was forced to shut down systems across the nation following a significant cyberattack. CDK Global serves almost 15,000 car dealers across the U.S., including GM brands. Now, hackers are demanding a ransom as dealers continue to grapple with the service shutdown.
According to a recent report from Bloomberg, which cites an unidentified source familiar with the matter, the hackers are now ransoming the DMS provider for tens of millions of dollars. The hacking group believed to be responsible for the attack is thought to be located in Eastern Europe.
The attack, which first came to light last Wednesday, has shut down a suite of software tools used by dealers across the nation, affecting sales, repairs, deliveries, financing, insurance, and inventory. The ongoing shutdown has left many dealerships scrambling to manage their operations manually, a significant setback during a crucial sales period as dealers make their end-of-quarter push.
Although CDK Global managed to restore some services hours after the initial attack last week, the company was forced to deactivate the services again after it was hit by a second cyberattack. The DMS provider has since warned customers that services are unlikely to come back online for several days. Some of the company’s products that were affected include DRIVE, Fortellis, and Modern Retail CRM, among others. Additionally, the DMS provider has cautioned customers about potential phishing attempts, where bad actors pose as company employees to gain system access. Customers are advised to verify the identity of company representatives before responding.
Dealers have a relatively limited variety of DMS companies to choose from, as the industry is highly consolidated. Total light-vehicle dealership sales topped $1.2 trillion in 2023, and many dealers rely on DMS services for practically every aspect of their business.
Customers can use this link to sign up for updates on the CDK Global cyberattack.
Comments
CDK has been on a downhill slide since they were purchased by Brookfield Business Partners. This is the icing on the cake.
Probably the Russians. They’re probably mad about all the ATACMS missiles getting express delivered to their territory.
Probably, but completely not for the reason you stated. It's all about money. They have been doing it for 20 years. I was hit as well long ago. They figured they can get the same people who click at home to click at work, and that's just much more profitable!
Nobody asked them to invade a neighboring country.
And, ta-da, we have yet ANOTHER reason to keep vehicle prices high. To make up for this. Despite the fact that inventory is still up there.
Hold on to your old car
As a retired System Engineer with seven system programmers and a very close relationship with the Network Manager, I know how hackers can get in and harm the system, such as this one. I would investigate how the attack got in, then put up a new Unix-based front end server to prevent attacks. Finally, I would restore all backups taken a day or more before and lose just a day or two of transactions. Then keep business running as if nothing happened. No ransom payment will be needed.
As a retired systems engineer it is your fault for old designs that have no upgrade path and no separation of concerns between services. Old school software design patterns are easily exploitable and compromise the entire solution with one weak point. Modern designs do not have the same problems. Data from the day before is compromised too and Unix front ends don’t solve bad software. These are sophisticated attacks that are far more technically skilled than the systems that they have beaten. Companies have got to stop being this lazy and cheap using old software that only retirees seem to know.
This is exactly why OTA updates to a vehicle should be disallowed by NHTSA.