Large - Scale Supply Chain Hack On Auto Industry

Hackers are claiming responsibility for a cyberattack on CDK Global  software systems that provides software for thousands of car dealerships in the US. 

The Illinois-based company issued an urgent warning Friday 20th June, cautioning people about bad actors posing as employees during phone calls to get credit card details and access to their accounts.

CDK has said it experienced a cyber incident on Wednesday19th June and it is understood they have received a demand for millions of dollars in ransom to restore systems. US auto retailers Sonic Automotive and Penske Automotive also announced that they have been attacked

According to sources, CDK has launched an investigation by experts, notified law enforcement and has begun the restoration process. CDK said restoration will take several days. "...In the interim we are continuing to actively engage with our customers and provide them with alternate ways to conduct business," CDK said in the statement.

It is understood that CDK briefly restored some services for a few hours on June 19th, but was forced to deactivate them following a second cyber attack. 

  • The automaker Ford said that there was an industrywide system outage for dealers who use CDK. "However, many Ford and Lincoln customers are able to receive sales and service support due to alternative processes available to our dealers," they said. 
  • Sonic Automotive said its dealerships were open and it was working to minimise the disruption. The company said it was unable to determine if the outage would affect its financial condition, but that it did have a "negative impact" on its operations.

CDK has warned its customers that that their systems likely will not be available for a number of days. 

CDK Global   |   Reuters   |     Bloomberg   |    USA Today   |    Fortune   |   MSN   |    Yahoo   |     Mail   

Image: Denin Lawley

You Might Also Read: 

Toyota Shut Down Japanese Plants In A Supply Chain Attack:

___________________________________________________________________________________________

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Leveraging The Benefits Of LLM Securely 
The Psychology Of GenAI Manipulation »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ON-DEMAND WEBINAR: Gen AI for Security: Adoption strategies with Amazon Bedrock

ON-DEMAND WEBINAR: Gen AI for Security: Adoption strategies with Amazon Bedrock

Watch this webinar and get a comprehensive roadmap for securely adopting generative AI using Amazon Bedrock, a fully managed service that offers a choice of high-performing foundation models (FMs).

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Panda Security

Panda Security

Panda Security specializes in the development of endpoint security products and is part of the WatchGuard portfolio of IT security solutions.

EfficientIP

EfficientIP

EfficientIP helps organizations drive business efficiency through agile, secure and reliable network infrastructures.

DoSarrest Internet Security Ltd

DoSarrest Internet Security Ltd

DOSarrest is a fully managed security firm specializing in cloud based DDoS protection services to a worldwide client base.

360Logica

360Logica

360Logica is a software testing company offering numerous kinds of testing services to improve the quality and performance of your software and IT systems.

Wallix

Wallix

Wallix is a software company offering privileged access management solutions for enterprises, public organizations and cloud service providers

Crosser

Crosser

The Crosser Platform enables real-time processing of streaming or batch data for Industrial IoT, Data Transformation, Analytics, Automation and Integration.

Jandnet Recruitment

Jandnet Recruitment

Jandnet Recruitment is a small specialist company working in the IT sector. We recruit across all IT disciplines including cyber security and digital identity.

Zercurity

Zercurity

Zercurity is on a mission to build the ultimate cybersecurity operations platform for businesses. To help protect against a growing number of internal and external threats.

OwnBackup

OwnBackup

OwnBackup proactively prevents you from losing mission-critical data and metadata with automated backups and rapid, stress-free recovery.

Noetic Cyber

Noetic Cyber

Noetic provides a proactive approach to cyber asset and controls management, empowering security teams to see, understand, and optimize their cybersecurity posture.

Future Planet Capital

Future Planet Capital

Future Planet is the impact-led, global venture capital firm built to invest in high growth potential companies from the world's top research centres.

Bugv

Bugv

Bugv is a crowdsourcing cybersecurity platform powered by human intelligence where we connect businesses with cyber security experts, ethical hackers, bug bounty hunters from all around the world.

Inversion6

Inversion6

Inversion6 (formerly MRK Technologies) is a cybersecurity risk management provider that offers custom security solutions.

Fibernet

Fibernet

Fibernet's innovative solutions in the fields of cybersecurity and fiber optics range from telecommunications infrastructure to small business cybersecurity.

Somerville

Somerville

Somerville are a full service IT partner with over 40 years experience delivering exceptional service and value to our customers.

Sequentur

Sequentur

Sequentur is an award-winning Managed IT Services company. We are SOC 2 certified and provide Managed IT Services and Cybersecurity services to businesses nationwide.