In the wake of a major cyberattack, CDK Global, a leading provider of technology solutions for auto dealerships, has confirmed that the incident was a "ransom event." This revelation came to light in a communication to clients on Saturday, June 22, marking the first public acknowledgment that attackers are demanding a ransom to restore CDK's systems.
The cyberattack, which occurred on June 19, brought CDK's dealer management system (DMS) to a standstill, leaving thousands of car dealerships across the U.S. unable to conduct business. This disruption is expected to cause significant shipping delays at dealerships during their busy summer season. In a memo obtained by CBS MoneyWatch, CDK stated, “Thank you for your patience as we recover from the cyber ransom event that occurred on June 19th.”
CDK Global has assured clients that system restoration is underway, with expectations to bring major applications back online within several days. The cybercriminals behind the attack are reportedly linked to the group BlackSuit, demanding a ransom in the tens of millions of dollars, which CDK allegedly had planned to pay.
Cliff Steinhauer, Director of Information Security and Engagement at the National Cybersecurity Alliance, commented to the Associated Press, “When you see an attack of this kind, it almost always ends up being a ransomware attack. We see it time and time again, particularly in the last couple of years. No industry and no organization or software company is immune." Steinhauer's expertise was recently showcased in a Charles IT webinar titled “How to Build IT: A Blueprint to Your Digital Environment.” This event highlighted various security services essential for protecting a network. Charles IT, a Connecticut-based Managed Service Provider (MSP), is well-versed in safeguarding organizations against cyberattacks like the one experienced by CDK Global.
Check out the webinar, featuring Cliff Steinhauer, here!
Charles IT offers a range of services to enhance cybersecurity, including proactive monitoring and maintenance, advanced threat detection and response, and comprehensive data backup and recovery solutions. Coupled with a robust business continuity plan, these measures ensure swift recovery during ransomware attacks. Additionally, Charles IT emphasizes the importance of conducting third-party vendor risk assessments to identify and mitigate potential security gaps effectively.
In response to the cyberattack, CDK Global also warned car dealerships about potential phishing scams. The company advised clients to remain vigilant against entities posing as CDK to obtain customers' passwords and other sensitive information. Charles IT echoes this sentiment, urging businesses to implement employee cybersecurity awareness training to prevent phishing and other cyber threats.
“Unfortunately, in this day and age, our data is a valuable target — and you have to make sure that you’re taking steps to protect it,” Steinhauer added.
For organizations seeking to strengthen their defenses against cyberattacks, partnering with Charles IT can provide the necessary tools and expertise to navigate the complex landscape of cybersecurity threats.