top of page
Writer's pictureAnup Ghosh

CDK Global Hack Brings Down Thousands of Auto Dealership Systems



The Download

The news has covered this hack well as it made national news and headlines. Car dealerships are standard places people occasionally visit, and they may not think about how software has automated the process of buying and selling these cars. CDK Global is the largest auto-dealership software firm that makes software to facilitate the transaction between dealer and buyer. So far details are scant on the hack itself, but it is believed to be a ransomware incident against CDK. The software outage is believed to have affected over 15,000 dealerships including major dealerships Penske and Sonic Automotive.


CDK Global is a software manufacturer. As such they provide software to their customers, auto dealerships in this case. So far there is no indication that the dealerships themselves were compromised. Speculation is that the ransomware attack likely brought down the SaaS production servers for CDK Global which took the systems down. However, not much is known until more information on the hack is released. As of now many of the dealerships have resorted to paper and pen to facilitate the transactions.


What You Can Do

Unless you are an auto dealer or buying a car from a dealership, you are likely unaffected by this hack. Of course car sales will be impacted, and likely just slowed down rather than stopped altogether. However, as we see no firm is immune from these attacks, not even a very large software vendor. The best defense is to get out in front of adversaries. Make sure you have a cybersecurity program and a governance function for it that maps to the NIST CSF. ThreatMate can help you find security exposures before adversaries can get in and bring systems down and hold you hostage for a ransom.




To Learn More:

16 views
bottom of page