Take Control of the Cyber War Against Your Dealership

Cybercriminals have learned that ransoming data to stop sales operations can result in handsome rewards, and they are increasingly turning their attention to auto dealerships. The costly attacks of Findlay Auto Group and CDK Global in early summer are two noteworthy examples.

Findlay reportedly lost millions of dollars a day following the attack, which resulted in class-action lawsuits. CDK reportedly paid $25 million to satisfy its ransomer’s demand; its customers are said to have lost $1 billion in sales as a result.

As attackers get more imaginative and emboldened to succeed in making huge rewards, businesses need increasingly strategic ways to prevent cybercrime by taking the fight to the perpetrators.

As cyber activity towards car dealerships has intensified, cyber compliance and prevention companies are ratcheting their defenses. Technologists like Ridgeback Network Defense, with roots in military cybersecurity, give auto dealers hope the cyber wars won’t breach their threshold.

Such no-latency technology security makes a network unnavigable by an intruder, providing the conditions to expose and eliminate attackers during connection. It also helps security teams and risk advisors quickly see the presence of exposures and vulnerabilities and reveal network hygiene conditions not observed by other tools.

Any given network connects to a multitude of devices. Some of these connected or once-connected devices present cyber penetration opportunities. A screenshot of these opportunities from your network would knock the breath out of you.

The best cyber technology observes and reports in real-time on all connected assets and the identity of these assets – or ones your network thinks it remains connected to but is no longer. They have been removed or turned off. These assets include live address spaces for IT, OT (back-end production systems), and IoT (Internet of Things). It also observes and reports on – and can respond to – any communications between live assets, unused Ports, and IP addresses.

Cybersecurity like this:

  • Is secure offense against frustrating and costly cyber attacks
  • Is 24/7, real-time visualization of all network systems and monitoring of and fulfilling FTC Safeguards Rule compliance requirements.
  • Identifies network risks, pinpoints opportunities to harden security and improve function, and measures ROI compared to other IT and security tools

Users can instantly implement permissions and security policies to proactively block breach attempts, ensuring your dealership's sensitive data, operations, and customer information are continuously protected. Additionally, the system helps meet regulatory requirements while safeguarding against external attacks and insider threats without adding complexity to your IT operations.

Given the risk and cost of cyber attacks, such network protection is a valuable investment. But as I have written before, great technology must coincide with assertive and frequent personnel training on these dangers. Employee error remains one of the most significant opportunities cybercriminals leverage to get into your network and do their dirty business.

Verizon’s 2024 Data Breach Investigations Report notes that 68% of breaches involve the human element. Every employee who handles data of any type must understand the security risks, be trained, and be accountable for its proper and safe use. So, what do you do?

The laxity we see in dealerships at this level is remarkable. Thus, people-centric best practices are essential to refocus serious attention on employee responsibility and accountability in this cyber war. Renewed employee training must be a leadership priority to help everyone understand their role in preventing compliance and cyber risks. These steps include insisting on password protection, occasional reissue of logins, and treating smartphones, laptops, and tablets as attractive to I.D. thieves, among other practices. Management must insist all users have malware software installed, but the laxity we see in dealerships at this level is remarkable.

As cyberattackers continue their pursuits of opportunity from car dealerships, you don’t want to be their next victim. Ensure your networks are fortified with the best network defense practices and technology. You want to deter and offend cyberattacks that make you bad news for attackers.