Breaking Down Cybercrime in Automotive - AutoSuccessOnline

Breaking Down Cybercrime in Automotive

Sponsored by Proton Dealership IT

Your dealership is a treasure trove of data. Think about it… names, phone numbers, addresses, work details, salary, and social security numbers for hundreds, if not thousands, of consumers. Financial details about their vehicle purchases. Credit card information from service. The list goes on and on. All of this data makes dealerships a prime target for cyber-attacks. Here are some facts to get you considering the impact of cybercrime in automotive:

  • Ransomware is the most common form of attack in automotive and email is the number one method for gaining access to a dealership’s network.
  • The average ransomware remediation costs are $1,400,000.1
  • Business are down after a ransomware attack for an average of 21 days.2
  • 84% of consumers would not buy another vehicle from a dealership after their data had been compromised.3
  • 30% of dealerships are not up-to-date on their security software.4
  • Only 21% of security professionals think their current security controls are adequate.5

Let’s break these down.

What exactly is ransomware?

Ransomware is a malicious software that gets into the dealership’s network, encrypts and often steals data, and then demands a ransom payment in order to get it back.

Think about each of your departments and the interactions they have that could be a cyber-threat:

Sales people: They are tasked with answering online inquiries daily. They are supposed to be timely so they don’t impede customer satisfaction. So, do you think they stop to consider every email they receive and whether or not it’s a potential threat? Probably not, they simply respond without question.

Business Office personnel: These folks are routinely sending information inside and outside the dealership. These could be reports to management or invoices to outsides vendors. They are also in charge of receiving and making payments.

Fixed Ops: Again, this crew is receiving various inquiries about service appointments, price estimates, parts availability through email. They are busy and don’t have the time, or maybe even the knowledge, to stop and consider whether every request is safe.

All of the interactions above are what make email such an easy target. People expect emails, and they are used to working quickly. So how exactly do hackers do it?

How do hackers penetrate your network?

Hackers have become so sophisticated, they are actually able to get inside your network and monitor what’s going on. They identify a contact whom you email frequently, maybe you receive an invoice or report from one of your managers weekly. After months of monitoring from the inside, they will send you a message disguised as the typical email you get. It might have an attachment that looks like the invoice or report you typically receive, but as soon as you click it, a malicious download begins in the background.

From there, depending on the level of cybersecurity you have, the hackers could completely infiltrate your network and shut you down. So what are the consequences if this does happen?

Real World Consequences to Automotive Cybercrime

As the hackers get in and start moving through your network, they begin looking for valuable data to encrypt and backups to destroy. Their goal is to execute maximum damage. When your employees begin to arrive at work the next day, they have a challenging morning. Many of them aren’t able to log on and some have a weird message on their screens. Your entire dealership is down… you can’t sell or service cars, you can’t close deals, you can’t pay bills or accept payments.

The cost of this event could be days with no operations at all. Lost customers who go to another store for a vehicle purchase or service work. Angry customers whose vehicles are in for service, but they now can’t get them for days. Then once you finally do get back up and running, it’s a slow process, getting computers back online, getting your data off the back-ups that are hopefully current, and making sure everything is accurate.

Once the dust has settled, you can finally start to think about your reputation and the impact this will have on future business. Think of the customers you’ll have to notify, and the friends they’ll share this news with.

You might now be wondering, “How do I ensure this doesn’t happen?”

Protecting Your Dealership From Cybercrime

The right cybersecurity program could be the make-or-break element in an event like this. It all starts with a strong perimeter firewall to protect your network.  Then, if something manages to get through your firewall, the next layer of protection is advanced email security that is able to identify and filter out suspicious emails. Additionally, if something does get through to email, a comprehensive system should alert the monitoring team so they can step in and take action if needed.

Taking it a step further, endpoint detection and response will protect each of the individual computers and mobile devices your team uses every day. To cap it all off, your employees should be trained to look for suspicious email triggers. They are your first line of defense.

Consider your dealership, the legacy that has either been passed down for generations or that you plan to one day pass down yourself. One cyberattack could change all of that. Protect your dealership, protect your legacy, before it’s too late.

1 Sophos, The State of Ransomware 2022
2 Coveware report,, Buckle up – automotive dealerships unprepared for cybercrime
3 Total Dealer Compliance
4 Total Dealer Compliance
5 Forrester Research, 2020

You May Also Like

Understanding Automotive Connected Consumers

Discover how auto advertisers can build effective marketing strategies for reaching connected consumers.

As digital advertising capabilities continue to grow, automotive advertisers are off to the races to optimize the right marketing strategies to connect with future buyers. Whether it’s through social, search, display, video or audio advertising, it’s important to meet and earn consumers trust where they are.

Marketing Tips for Electric Cars and Alternative-Fuel Auto Advertisers

From microchips to lithium batteries, technology is revolutionizing the future of ground transportation. Electric vehicles (EVs) have now become top of mind for many US households. About 40% of new vehicle shoppers are considering purchasing an EV within the next 12 months.1 With the rise of pioneers and challenger automakers, incumbent automakers are off to the

The Seasons Are Changing (and so are Your Customers)

As summer comes to a close, you may have noticed more changes than just the cooling weather. Odds are, if you think back to your most recent customer interactions, you notice the demographics, wants, and needs of your customers changed slightly from what they were even a few months ago. While collective habits of your

10 Things to Consider When Picking DPF Nox Sensors

DPF Nox sensors are a vital part of any diesel emissions system. Picking the right one is essential to keeping your system running smoothly. Diesel particulate filters (DPFs) are vital for any emissions system. They help reduce the number of pollutants emitted by diesel engines, and they play a crucial role in keeping our air

Maximizing Profitability in Your Dealership’s Service Drive

There is plenty of maintenance and repair work your customers need done, and that means your service drive is full and your techs are busy. But for most, standing still isn’t an option, so what can you do to continue to grow? You’ve done everything you can to decrease one line ROs.  You’ve seemingly maxed

Other Posts

Dealership Cybersecurity: Why a Proactive Approach Matters

Being proactive about cybersecurity is much cheaper and less painful than suffering the consequences of a breach.

Reynolds Acquires Cybersecurity and IT Firm Proton

The Reynolds and Reynolds Company offers dealerships cybersecurity and more by adding Proton Dealership IT to its portfolio.

TorchLight and VTech Help Automobile Dealerships Implement Cybersecurity Practices Needed for Graham-Leach-Bliley Act

TorchLight and Dealer IT today announced they have expanded their partnership to support dealerships that are meeting Graham-Leach-Bliley Act privacy standards.

How Price Expectations Can Tank Dealer Reputations

It’s no secret that dealers are enjoying record-breaking margins right now. Thanks to the squeeze on new inventory combined with soaring demand as we move into post-pandemic life, it’s never been more common for consumers to have to pay MSRP (or higher) to avoid missing out on a vehicle purchase altogether. This isn’t inherently a