Cyberattack Shuts Down Auto Dealerships Across the U.S.
CDK Global, a major software-as-a-service provider for over 15,000 car dealerships in North America, experienced a severe cyberattack that led to the shutdown of its IT systems, phones, and applications. The attack, which occurred early in the morning, forced CDK to take its data centers offline to prevent the spread of the threat.
The attack has caused significant disruption for car dealerships that rely on CDK’s platform for essential operations, including CRM, financing, payroll, support and service, inventory, and back office functions. Many dealerships have reported having to revert to manual processes, such as using paper and pencil, and some have sent employees home due to the inability to conduct normal business activities.
CDK Global's CEO, Brad Holton, indicated that the software running on dealership devices has administrative privileges, which led to a recommendation for dealerships to disconnect their always-on VPNs as a precaution. This precaution is to prevent potential lateral movement by the attackers into dealership networks.
Employees have expressed concerns on platforms like Reddit about the extensive operational disruptions, with reports of halted parts tracking, sales, and financing operations. Rumors suggest the incident might be a ransomware attack, though this has not been officially confirmed. Ransomware typically involves the encryption of data and systems, with attackers demanding payment to restore access and not leak stolen data.
CDK has issued a statement acknowledging the cyber incident and has prioritized the restoration of services. By the evening following the attack, CDK had managed to restore its phone systems, DMS, and Digital Retail services, with ongoing efforts to bring all other applications back online.
The incident highlights the vulnerabilities in critical infrastructure and the widespread impact such cyberattacks can have on essential business operations. CDK continues to work with cybersecurity experts to resolve the issue and mitigate further risks.