CDK Global is now calling A cyber attack brought down its software platform “A redemptive event” for its auto dealership customers.
In a note to clients on Saturday, CDK admitted for the first time that hackers breached its dealer management system, or DMS. Not available to customers for several daysThey are demanding a ransom to restore its systems.
“Thank you for your patience while we recover from the June 19 cyber recovery event,” CDK said in a memo to clients on Saturday, according to a copy of the email obtained by CBS MoneyWatch.
The note added that CDK has begun restoring its systems and expects the process of bringing key applications back online “to take several days and not weeks.”
Beware of phishing
In its memo, the company warned car dealerships to be wary of phishing scams, or companies that pose as CDKs, but are actually bad actors trying to obtain customers’ proprietary information, such as passwords.
A CDK spokesperson told CBS MoneyWatch that it offers clients “alternative ways to conduct business” when its systems are down.
The cybercriminals behind the CDK attack have been linked to a group called BlackSuit. Bloomberg reported on Monday, citing Alan Liska of computer security firm Recorded Future. On a June 21 storyHackers are demanding millions of dollars, CDK said.
Liska did not immediately respond to a request for comment. CDK did not identify any group behind the attack on its organization It has disrupted car dealerships across America Since last week. Companies targeted in ransomware schemes are reluctant to release information amid payment negotiations with hackers.
“Doing Everything Manually”
The hack has put some car dealers out of business entirely, while others report using pen and paper and even “sticky notes” to record transactions.
Tom Mavoli, owner of Celebrity Motors, which operates five luxury car dealerships across New York and New Jersey, told CBS MoneyWatch on Monday that his employees “do everything manually.”
“We’re trying to keep our customers happy, and the biggest issue is the banking side, which is completely backed up. We can’t fund deals,” he said.
Ransomware attacks are increasing. By 2023, more than 2,200 organizations, including US hospitals, schools and governments, have been directly affected by ransomware. Emisoft, an anti-malware software company. Also, thousands of private sector companies were targeted. Some experts believe the only way to stop such attacks is to ban ransoms, which Emisoft said could lead to bad actors “rapidly advancing and moving away from high-impact encryption-based attacks to other less disruptive forms of cybercrime.”
Earlier this year, the US State Department offered $10 million in exchange for the identities Leaders of the Hive ransomware gang, it has been responsible for attacks on more than 1,500 organizations in 80 countries since 2021, resulting in the theft of $100 million.