Large - Scale Supply Chain Hack On Auto Industry

Uploaded on 2024-06-24 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Transport & Travel

Hackers are claiming responsibility for a cyberattack on CDK Global  software systems that provides software for thousands of car dealerships in the US. 

The Illinois-based company issued an urgent warning Friday 20th June, cautioning people about bad actors posing as employees during phone calls to get credit card details and access to their accounts.

CDK has said it experienced a cyber incident on Wednesday19th June and it is understood they have received a demand for millions of dollars in ransom to restore systems. US auto retailers Sonic Automotive and Penske Automotive also announced that they have been attacked

According to sources, CDK has launched an investigation by experts, notified law enforcement and has begun the restoration process. CDK said restoration will take several days. "...In the interim we are continuing to actively engage with our customers and provide them with alternate ways to conduct business," CDK said in the statement.

It is understood that CDK briefly restored some services for a few hours on June 19th, but was forced to deactivate them following a second cyber attack. 

  • The automaker Ford said that there was an industrywide system outage for dealers who use CDK. "However, many Ford and Lincoln customers are able to receive sales and service support due to alternative processes available to our dealers," they said. 
  • Sonic Automotive said its dealerships were open and it was working to minimise the disruption. The company said it was unable to determine if the outage would affect its financial condition, but that it did have a "negative impact" on its operations.

CDK has warned its customers that that their systems likely will not be available for a number of days. 

CDK Global   |   Reuters   |     Bloomberg   |    USA Today   |    Fortune   |   MSN   |    Yahoo   |     Mail   

Image: Denin Lawley

You Might Also Read: 

Toyota Shut Down Japanese Plants In A Supply Chain Attack:

___________________________________________________________________________________________

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Leveraging The Benefits Of LLM Securely 
The Psychology Of GenAI Manipulation »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Assure Technical

Assure Technical

Assure Technical offers a holistic approach to Technical Security. Our expertise and services span across the Physical, Cyber and Counter Surveillance domains.

Nimbusec

Nimbusec

Nimbusec scans your website around the clock and informs immediately if it has been hacked or manipulated

Cybercom Group

Cybercom Group

Cybercom offers strategic advice, testing & quality assurance, security solutions, system development, integration, management and operation services.

AVeS Cyber Security

AVeS Cyber Security

AVeS combines expert knowledge and services with leading technology products to provide comprehensive Information Security and Advanced IT Infrastructure solutions.

Augusta HiTech

Augusta HiTech

Augusta Hitech is a focused product development, software services and technology consulting company. Our Vision is to become the most socially impactful and innovative technology company in the world

Salient Law

Salient Law

Salient Law is a virtual law firm that specialises in advising providers and users of technology on contracts involving technology.

Securden

Securden

Securden provide an all-in-one Platform for Next-Gen Privileged Access Governance, helping you to prevent identity thefts, malware propagation, cyber attacks, and insider exploitation.

Keeper Security

Keeper Security

Keeper is a leading enterprise password manager and cybersecurity platform for preventing password-related data breaches and cyberthreats.

RhodeCode

RhodeCode

RhodeCode is an open source repository management platform. It provides unified security and team collaboration across Git, Subversion, and Mercurial.

Salt Cybersecurity

Salt Cybersecurity

Salt Cybersecurity offer a four-pronged approach to information security that includes Custom Security Policy, Vulnerability Assessment, Threat Detection, and Security Awareness Training.

Blaick Technologies

Blaick Technologies

Blaick is an Israeli cyber-security company which deploys proprietary Artificial Intelligence threats detection technology for early prevention of online cyber crime.

DeNexus

DeNexus

DeNexus is the leading provider of cyber risk modeling for industrial networks. Our Mission is to build the Global Standard for Industrial Cyber Risk Quantification.

LGMS - LE Global Services

LGMS - LE Global Services

LGMS is a leading cyber security penetration testing and assessment firm in the Asia Pacific region.

Hubify

Hubify

Hubify is an experienced, service-driven technology company specialising in business connectivity across mobile, data, voice, cloud, & cyber security solutions.

Oleria Security

Oleria Security

Oleria is the only adaptive and autonomous security solution that helps organizations accelerate at the pace of change, trusting that data is protected.

CLEAR

CLEAR

With more than 17 million members and a growing network of partners across the world, CLEAR's identity platform is transforming the way people live, work, and travel.