Your dealership is a treasure trove of data. Think about it… names, phone numbers, addresses, work details, salary, and social security numbers for hundreds, if not thousands, of consumers. Financial details about their vehicle purchases. Credit card information from service. The list goes on and on. All of this data makes dealerships a prime target for cyber-attacks. Here are some facts to get you considering the impact of cybercrime in automotive:
- Ransomware is the most common form of attack in automotive and email is the number one method for gaining access to a dealership’s network.
- The average ransomware remediation costs are $1,400,000.1
- Business are down after a ransomware attack for an average of 21 days.2
- 84% of consumers would not buy another vehicle from a dealership after their data had been compromised.3
- 30% of dealerships are not up-to-date on their security software.4
- Only 21% of security professionals think their current security controls are adequate.5
Let’s break these down.
What exactly is ransomware?
Ransomware is a malicious software that gets into the dealership’s network, encrypts and often steals data, and then demands a ransom payment in order to get it back.
Think about each of your departments and the interactions they have that could be a cyber-threat:
Sales people: They are tasked with answering online inquiries daily. They are supposed to be timely so they don’t impede customer satisfaction. So, do you think they stop to consider every email they receive and whether or not it’s a potential threat? Probably not, they simply respond without question.
Business Office personnel: These folks are routinely sending information inside and outside the dealership. These could be reports to management or invoices to outsides vendors. They are also in charge of receiving and making payments.
Fixed Ops: Again, this crew is receiving various inquiries about service appointments, price estimates, parts availability through email. They are busy and don’t have the time, or maybe even the knowledge, to stop and consider whether every request is safe.
All of the interactions above are what make email such an easy target. People expect emails, and they are used to working quickly. So how exactly do hackers do it?
How do hackers penetrate your network?
Hackers have become so sophisticated, they are actually able to get inside your network and monitor what’s going on. They identify a contact whom you email frequently, maybe you receive an invoice or report from one of your managers weekly. After months of monitoring from the inside, they will send you a message disguised as the typical email you get. It might have an attachment that looks like the invoice or report you typically receive, but as soon as you click it, a malicious download begins in the background.
From there, depending on the level of cybersecurity you have, the hackers could completely infiltrate your network and shut you down. So what are the consequences if this does happen?
Real World Consequences to Automotive Cybercrime
As the hackers get in and start moving through your network, they begin looking for valuable data to encrypt and backups to destroy. Their goal is to execute maximum damage. When your employees begin to arrive at work the next day, they have a challenging morning. Many of them aren’t able to log on and some have a weird message on their screens. Your entire dealership is down… you can’t sell or service cars, you can’t close deals, you can’t pay bills or accept payments.
The cost of this event could be days with no operations at all. Lost customers who go to another store for a vehicle purchase or service work. Angry customers whose vehicles are in for service, but they now can’t get them for days. Then once you finally do get back up and running, it’s a slow process, getting computers back online, getting your data off the back-ups that are hopefully current, and making sure everything is accurate.
Once the dust has settled, you can finally start to think about your reputation and the impact this will have on future business. Think of the customers you’ll have to notify, and the friends they’ll share this news with.
You might now be wondering, “How do I ensure this doesn’t happen?”
Protecting Your Dealership From Cybercrime
The right cybersecurity program could be the make-or-break element in an event like this. It all starts with a strong perimeter firewall to protect your network. Then, if something manages to get through your firewall, the next layer of protection is advanced email security that is able to identify and filter out suspicious emails. Additionally, if something does get through to email, a comprehensive system should alert the monitoring team so they can step in and take action if needed.
Taking it a step further, endpoint detection and response will protect each of the individual computers and mobile devices your team uses every day. To cap it all off, your employees should be trained to look for suspicious email triggers. They are your first line of defense.
Consider your dealership, the legacy that has either been passed down for generations or that you plan to one day pass down yourself. One cyberattack could change all of that. Protect your dealership, protect your legacy, before it’s too late.
1 Sophos, The State of Ransomware 2022
2 Coveware report, Bizjournals.com, Buckle up – automotive dealerships unprepared for cybercrime
3 Total Dealer Compliance
4 Total Dealer Compliance
5 Forrester Research, 2020