Large - Scale Supply Chain Hack On Auto Industry

Uploaded on 2024-06-24 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Transport & Travel

Hackers are claiming responsibility for a cyberattack on CDK Global  software systems that provides software for thousands of car dealerships in the US. 

The Illinois-based company issued an urgent warning Friday 20th June, cautioning people about bad actors posing as employees during phone calls to get credit card details and access to their accounts.

CDK has said it experienced a cyber incident on Wednesday19th June and it is understood they have received a demand for millions of dollars in ransom to restore systems. US auto retailers Sonic Automotive and Penske Automotive also announced that they have been attacked

According to sources, CDK has launched an investigation by experts, notified law enforcement and has begun the restoration process. CDK said restoration will take several days. "...In the interim we are continuing to actively engage with our customers and provide them with alternate ways to conduct business," CDK said in the statement.

It is understood that CDK briefly restored some services for a few hours on June 19th, but was forced to deactivate them following a second cyber attack. 

  • The automaker Ford said that there was an industrywide system outage for dealers who use CDK. "However, many Ford and Lincoln customers are able to receive sales and service support due to alternative processes available to our dealers," they said. 
  • Sonic Automotive said its dealerships were open and it was working to minimise the disruption. The company said it was unable to determine if the outage would affect its financial condition, but that it did have a "negative impact" on its operations.

CDK has warned its customers that that their systems likely will not be available for a number of days. 

CDK Global   |   Reuters   |     Bloomberg   |    USA Today   |    Fortune   |   MSN   |    Yahoo   |     Mail   

Image: Denin Lawley

You Might Also Read: 

Toyota Shut Down Japanese Plants In A Supply Chain Attack:

___________________________________________________________________________________________

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Leveraging The Benefits Of LLM Securely 
The Psychology Of GenAI Manipulation »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Janusnet

Janusnet

Janusnet develops software and solutions for organisations to enforce and manage data security.

Brinqa

Brinqa

Brinqa is a leading provider of unified risk management and security analytics.to manage IT governance and technology risk.

Wavestone

Wavestone

Wavestone is a strategy and technology consulting company with areas of expertise including digital transformation and cybersecurity.

SEC Consult

SEC Consult

SEC Consult is a leading European consultancy for application security services and information security.

Virgil Security

Virgil Security

Virgil Security provides easy-to-deploy and easy-to-use cryptographic software and services for use by developers and end-users.

Modulo Security

Modulo Security

Modulo provides automated Governance, Risk, and Compliance (GRC) solutions.

Harel Mallac Technologies

Harel Mallac Technologies

Harel Mallac Technologies is a Mauritian organisation that has developed a strong network of ICT specialists with nodes across the African continent.

Amnesty Tech

Amnesty Tech

Amnesty Tech's Security Lab leads technical investigations into cyber-attacks against civil society and provides critical support when individuals face such attacks.

TechMD

TechMD

TechMD (formerly ICS) is an award-winning IT solutions firm that specializes in cloud solutions, managed cybersecurity services, strategic IT consulting, and managed IT services.

Singtel Innov8

Singtel Innov8

Singtel Innov8, the venture capital arm of the Singtel Group, invests in and partners with innovative technology start-ups globally.

LayerX Security

LayerX Security

LayerX's user-first browser security platform turns any browser into the most protected & manageable workspace, by providing real-time monitoring and governance over users’ activities on the web.

Phriendly Phishing

Phriendly Phishing

Phriendly Phishing offers phishing awareness training programs designed to ward off potential security threats and minimise the impact of cyber attacks.

ASMGi

ASMGi

ASMGi is a managed services, security and GRC solutions, and software development provider.

SentryMark

SentryMark

Stay a Step Ahead of Emerging Threats. Deviate from the traditional siloed defenses and get the proactive and responsive cybersecurity solutions and services you deserve with SentryMark today.

FOSSA

FOSSA

FOSSA is a leading SBOM (software bill of materials) and software supply chain risk management platform.

Coana

Coana

Coana helps software teams tackle the flood of alerts from traditional SCA tools. Using advanced reachability analysis, Coana cuts false alerts by over 80%, freeing up significant engineering time.