Cybercrime is the fastest growing type of crime in the U.S., according to the FBI. Nearly half of all cyberattacks target small- to medium-sized businesses. It’s not a matter of if, but when your dealership will fall victim to a sophisticated cyberattack.
Although many types of cybercrimes are perpetrated against U.S. businesses, auto dealerships are most vulnerable to social engineering attacks and ransomware.
Social Engineering
This type of attack involves manipulating people to perform an action that benefits the cybercriminal. Phishing, spear phishing, business email compromise (BEC) and CEO fraud fall into this category.
The goal of these attacks is to get money. Hackers will spoof emails that impersonate dealership principals or other senior executives, asking someone in accounting to transfer funds for what appears to be a legitimate purpose.
Other examples of social engineering attacks include spoofed emails from employees requesting a change to their direct deposit account, or an email from a senior executive asking for PDFs of all employees’ W-2 forms. Another common type is an email from a colleague asking someone in accounts payable to pay an invoice that is attached to the email. Both the invoice and company are fake, but the cybercriminals will cash your check.
If an employee clicks on a link or downloads a file from a phishing email, hackers can also gain access to your network. Once there, they may try to steal login credentials for financial accounts so that funds can be transferred out, or they might locate and exfiltrate customer data in order to monetize it.
Tech support fraud is another type of social engineering scam, where criminals claim to provide customer, security or technical support in an effort to gain access to victims’ devices.
In the last six years, nearly 70,000 victims in the U.S. have fallen for business email compromise scams, resulting in a dollar loss of over $10 billion. Once the money is transferred, it’s gone forever.
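The warning signs described above (an executive's name on mail from an outside domain, a redirected Reply-To, and a wire, direct deposit, W-2 or invoice lure) can be checked automatically before a message reaches accounting. The following is an added example, not code from the original article; the dealership domain, executive names and both sample messages are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumptions (constructed for this example): the dealership's own mail domain
# and the display names of executives whose identity a BEC email would borrow.
DEALERSHIP_DOMAIN = "example-dealership.test"
EXECUTIVE_NAMES = {"pat jones", "sam lee"}
# The lures the article describes: wire/transfer requests, direct deposit
# changes, W-2 requests and attached invoices.
LURE_PATTERNS = {
    "wire transfer": r"\b(wire|transfer)\b",
    "direct deposit change": r"direct deposit",
    "W-2 request": r"\bw-?2s?\b",
    "invoice payment": r"\binvoice\b",
}

def bec_warnings(raw_message: str) -> list[str]:
    """Return the BEC warning signs found in one raw RFC 822 message."""
    msg = message_from_string(raw_message)
    display, addr = parseaddr(msg.get("From", ""))
    from_domain = addr.rsplit("@", 1)[-1].lower()
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    reply_domain = reply_addr.rsplit("@", 1)[-1].lower() if reply_addr else from_domain
    text = (msg.get("Subject", "") + "\n" + msg.get_payload()).lower()
    warnings = []
    # An executive's name in the display field but a sender outside our domain.
    if display.lower() in EXECUTIVE_NAMES and from_domain != DEALERSHIP_DOMAIN:
        warnings.append(f"'{display}' sent from external domain {from_domain}")
    # Replies silently redirected to a mailbox the sender controls.
    if reply_domain != from_domain:
        warnings.append(f"Reply-To domain {reply_domain} differs from From domain")
    # Money or PII lures only count when paired with a sender anomaly above.
    lures = [name for name, pat in LURE_PATTERNS.items() if re.search(pat, text)]
    if warnings and lures:
        warnings.append("financial lure: " + ", ".join(lures))
    return warnings

# Constructed samples: a CEO-fraud style message and a legitimate internal one.
SPOOFED = """From: Pat Jones <pat.jones@example-freemail.test>
Reply-To: pj-office@mail-relay.test
To: accounting@example-dealership.test
Subject: Urgent wire transfer

Please wire $48,000 to the vendor today; I am in meetings, email only.
"""
LEGIT = """From: Sam Lee <sam.lee@example-dealership.test>
To: accounting@example-dealership.test
Subject: Lunch order

Can someone pick up the invoice for the team lunch? Thanks.
"""
```

A message that trips any of these checks is a candidate for the verbal verification step before any funds move, not proof of fraud on its own.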
Ransomware
Ransomware is a type of malware that most often infiltrates your network through phishing and spear phishing emails.
Imagine getting an email from one of your suppliers that says, “Invoice attached.” The email addresses you by name and includes a friendly little message from your account rep. You trust the sender, so you click on the attachment and the ransomware is downloaded onto your computer.
Alternatively, an email could take you to an infected website that downloads the malware onto your computer. From there it spreads into your dealership’s computer network. The danger of ransomware is that it can lie dormant for weeks or months. Backups of your data performed during this period of dormancy will also back up the ransomware.
Once the ransomware goes “live,” your most recent backups will also be encrypted, so it’s impossible to restore your files from them. To decrypt your files and regain access to them, the cyber thieves demand a ransom.
At this point you have two choices: pay the ransom or lose all your files and data. The majority of cyber thieves demand the ransom in bitcoin, a form of electronic currency that’s untraceable.
Recently there’s been a rise in a type of ransomware attack where the hackers threaten to leak customer data if they are not paid by their deadline. Auto dealerships are particularly vulnerable to this type of attack because they store personal and sensitive information for thousands of customers. If the hackers leak the data, your dealership is legally liable for the data breach.
Ransoms can range from thousands to tens of thousands of dollars. In a recent ransomware attack on an auto dealership in Florida, the hackers demanded $600,000.
Ransomware attacks are on the rise, with annual damages predicted to reach $20 billion in 2021, a 74% increase over $11.5 billion in 2019. In 2019, a business fell victim to a ransomware attack every 14 seconds.
Most small- and mid-sized businesses end up paying ransoms because they can’t afford the downtime and lack of access to critical data. In addition to the ransom paid, small businesses lose an average $100,000 per ransomware incident due to downtime and recovery costs, according to CNN Business.
Prepare Your Dealership
The most effective way to prevent social engineering and ransomware attacks is to enroll your employees in a security awareness training program. These programs send simulated phishing emails to your employees. If an employee clicks on the link, they are immediately enrolled in an online training module. Over the course of a year, continued security awareness training has been proven to reduce employees’ susceptibility to phishing from 27% to 2%. That’s potentially a huge return for a relatively low cost.
Other tips to prevent cyberattacks include:
- Have a written information security plan (WISP)
- Require verbal verification before any funds are wired or transferred
- Keep data backups for a minimum of 90 days
- Modernize your IT infrastructure
- Implement IT best practices for cybersecurity
- Don’t allow employees to use personal devices at work, including cell phones
- Purchase cyber liability or data breach insurance
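The ransomware section explains why a backup taken during the dormancy period is no help, and the tips list asks for at least 90 days of backups. The following added example (not code from the article) shows why the two go together: a 30-day retention policy leaves no restore point older than a 90-day dormancy window, while a grandfather-father-son schedule does. The dormancy length, retention counts and the sample date are assumptions constructed for the example.

```python
from datetime import date, timedelta

DORMANCY_DAYS = 90              # assumed worst-case dormancy (weeks to months)
EXAMPLE_TODAY = date(2024, 3, 15)  # constructed "today" for the sample run

def nightly_backups(today, days):
    """Constructed history: one backup per night for the given number of days."""
    return [today - timedelta(days=i) for i in range(days)]

def retain(dates, today, keep_daily=14, keep_weekly=8, keep_monthly=12):
    """Grandfather-father-son pruning: keep every backup from the last
    keep_daily days, Sunday backups for keep_weekly weeks, and first-of-month
    backups for keep_monthly months. Returns the surviving restore points."""
    kept = set()
    for d in dates:
        age = (today - d).days
        if age < keep_daily:
            kept.add(d)
        elif d.weekday() == 6 and age < keep_weekly * 7:
            kept.add(d)
        elif d.day == 1 and age < keep_monthly * 31:
            kept.add(d)
    return sorted(kept)

def clean_restore_points(kept, today, dormancy_days=DORMANCY_DAYS):
    """Restore points taken before the ransomware could have been present,
    i.e. older than the dormancy window. Empty means every backup is suspect."""
    return [d for d in kept if (today - d).days >= dormancy_days]

if __name__ == "__main__":
    history = nightly_backups(EXAMPLE_TODAY, 400)
    short = retain(history, EXAMPLE_TODAY, keep_daily=30, keep_weekly=0, keep_monthly=0)
    gfs = retain(history, EXAMPLE_TODAY)
    print("30-day policy clean points:", len(clean_restore_points(short, EXAMPLE_TODAY)))
    print("GFS policy clean points:   ", len(clean_restore_points(gfs, EXAMPLE_TODAY)))
```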
Unfortunately, cybercrime isn’t going away any time soon. The best offense is defense, so be sure your dealership is prepared.