Auto dealers across North America are facing continued disruption as software supplier CDK Global deals with the consequences of a cyberattack on Wednesday. The company began restoring its systems on Sunday, but the process is expected to take “several days,” Bloomberg reported, citing a company statement.
“We continue to communicate with our customers and provide them with alternative ways of doing business,” CDK said in a statement.
The incident began last Wednesday when CDK shut down all of its systems due to what it described as a “cyber incident,” affecting more than 15,000 car dealers across North America.
“Out of caution and concern for our customers, we have shut down most of our systems. We are currently assessing the overall impact and currently do not have an ETA,” CDK said in a statement on Wednesday.
Despite initial efforts to restore services, a second cyber incident on Wednesday evening caused further disruption, necessitating another shutdown.
CDK’s main dealer management system and digital marketing solutions were briefly restored during the day but had to be taken offline again due to a new incident.
CDK Global, which provides critical software to car dealerships, including sales platforms and dealer management systems, has left thousands of dealers severely disabled.
American automakers Sonic Automotive and Penske Automotive reported major disruptions to operations due to the ongoing CDK outage, Bloomberg said.
The question to CDK remains unanswered.
Hacker demands millions in ransom
The cyber attack has been linked to a group of hackers who demand millions of dollars to stop their operations, Bloomberg reports. Citing a person familiar with the development, the report said CDK “intends to pay” the ransom.
This aspect of the incident highlights the growing threat of ransomware attacks, where hackers block access to sensitive systems and demand payment for release.
CDK, acquired by investment firm Brookfield Business Partners for $6.41 billion in April 2022, has been working with third-party experts to assess the impact of the cyberattack and provide regular updates to affected customers, the report said.
The company reiterated its commitment to restoring services and supporting retailers during this challenging time.
“In collaboration with third-party experts, we assess the impact and provide regular updates to our customers. “We remain vigilant in our efforts to restore our services and return our vendors to business as usual as quickly as possible,” Bloomberg reported quoting a CDK spokesperson.
This incident underscores the critical need for strong cyber security measures to protect critical business operations. It also highlights potential vulnerabilities in connected systems that can be exploited by malicious actors.
“In light of the recent CDK Global cyber incident, it is clear that a systematic approach to understanding the risks, controls, and mitigation strategies for cloud deployments and services is essential,” said DR Goyal, chief architect at Rakuten Symphony India.
“Companies must have a well-defined approach to cloud architecture that aligns with business needs and risk. Cloud security architecture should be strategic and practical, covering endpoints, networks, IaaS, PaaS, and SaaS. Additionally, having a flexible set of tools to meet unique customer needs in the cloud is essential. A well-defined incident response strategy is necessary to overcome incidents like this.”
Source link