Ransomware Attack Puts the Brakes on Car Dealers

Angry group of people with one yelling, Give us IronWeave!

It’s always personal. When there’s a crime or a betrayal of trust, it’s not just statistics. Everyone affected feels the pain.

Across the U.S. and Canada, over fifteen thousand car dealers who rely on software service provider CDK Global for every aspect of their business, from sales to financing, insurance, repairs and more – every dealer – lost access to these services. Worse yet, their business data and the personal data of their customers has been accessed and held ransom by cyber criminals.

What happens when a car dealership is taken offline by ransomware? 

  • Employee hours are reduced or jobs are eliminated. Businesses incur higher costs for performing tasks manually.
  • Data privacy is violated. Customers and employees have had their personal data exposed and are at risk of identity theft.
  • Service delays for sales, leasing, credit checks, determining loan rates, customer support, insurance, repairs, inventory and back office operations. Time is money, so it’s more than just inconvenient.

Cyber attacks and ransomware attacks make headlines every week. How can you protect yourself?

IronWeave Securely Drives Online Businesses

IronWeave’s decentralized infrastructure protects against cybersecurity threats. Centralized platforms and data centers offer a single point of failure. Time and again we see staggering economic losses and millions of compromised personal records. IronWeave’s shared-block architecture secures any type of data in an individually encrypted block. 

How the ransomware attack crippled Car Dealerships

To use CDK Global's services, car dealerships configure an always-on VPN to the SaaS provider's data centers, allowing their locally installed applications to access the platform.

The cyberattack caused CDK to shut down its IT systems, phones, and applications to prevent the attack's spread.

Ryan Callahan, General Sales Manager for a Massachusetts dealership noted, “Our remote registration system is rendered useless without CDK to talk to it. We’ve had to send a runner with the registrations to the DMV to be completed in packs, costing several days where prior it took hours,” Callahan said in a recent interview with CNN.

With automated functions offline, operations have to be performed manually. For example, orders are being taken with pen and paper or on sticky notes. Now, the dealership or buyer has to register with their local DMV in person, one of many automated functions affected. In some DMV locales, the influx of walk-ins has been so great that they won’t allow walk-ins. The result - people are buying cars that they cannot legally drive.

Repairs need spare parts and now keeping track of inventory must be done manually degrading the service department’s efficiency.

All of this work now being done manually has significant financial costs due to lower productivity.

Personal data may now be exploited for identity theft or theft from an individual's financial accounts.

With lawsuits already being filed against CDK Global, the individual dealers may face costly legal exposure if found negligent.

As of June 26, 2024, there are reports saying the CDK Global platform might not be functional for all dealers for weeks or months. [July 3, 2024 Update: CDK Global states full restoration is almost complete, ahead of schedule]

Vulnerabilities in Current Systems

There are a variety of ways that traditional systems can be breached. There are phishing emails where cybercriminals send emails with malicious attachments or links. When opened or clicked, the ransomware is downloaded and installed. They often appear to be legitimate and trick users into taking action.

Another method is Remote Desktop Protocol (RDP) exploitation. This uses stolen or brute-forced credentials to gain unauthorized access to systems via RDP. From there, they can directly download and execute the ransomware.

Software vulnerabilities are yet another.  Cybercriminals take advantage of unpatched or outdated software to access systems. They target known vulnerabilities in operating systems or applications to install ransomware. (always keep your software updated!)

IronWeave vs. Ransomware

How do Ransomware attacks work? Broadly speaking, once a hacker gains entry into a centralized system they are free to alter, steal or encrypt the data and hold it for ransom. Centralized systems allow for a single point of failure, a single entry point.

IronWeave’s multi-blockchain fabric with shared-block architecture provides data security in a unique way with no single point of failure.

Each individual unit of data is protected in an independently encrypted block, a virtual vault. Distributing data across a multitude of encrypted blocks prevents mass data access by compartmentalizing the data. This could be any type of information: payment information, messages, files, personal info, inventory counts, or whatever else is required to conduct business. 

Each block on IronWeave is encrypted, with multiple copies sent to participating nodes. If any one block is breached, the original data can be reconstituted, neutralizing any potential ransom demands. Immutable data vaults ensure data cannot be altered, preventing tampering.

IronWeave Would Have Thwarted the Attack

Let’s imagine that car dealers are using IronWeave to conduct the same business functions performed on CDK Global. How would the IronWeave version be more secure?

Firstly, a hacker wouldn't know where to target a specific dealer. Unlike Web2-based companies, there's no URL directing to the attack target. And there’s no public chain, such as Bitcoin or Ethereum where transactions are publicly visible. How do you attack what you can’t see?

Now imagine a dealer keeps a record of lease payments for a customer on one chain on the IronWeave platform. If a hacker were able to access one record by breaking the encryption they might only learn from that one block of data that Ms. Jones made her January payment of $230.00 on time. Now the hacker re-encrypts it to try to hold that info ransom. That hacker is out of luck: there are multiple copies of that block, so the data can be reconstituted. 

Ironweave’s strengths: Not scannable on a public chain and each unit of data is individually encrypted. Access to that data is granted by the creator of that particular chain on Ironweave.

Long-term Benefits of Adopting IronWeave

Traditional online databases and platforms are poorly built ships with holes below the waterline. Pirates regularly board the ship and take what they want. We can keep bailing and hope that we stay afloat while hoping the inevitable pirates aren’t too mean. We know they are coming. They always do.

In this metaphor, IronWeave is a silent fleet of submarines. They run beneath the surface, each one safely bringing their cargo to its destination. Since there are multiple copies of the data no individual submarine is a tempting prize for ransomware hackers and neither would it be meaningful if one were lost. 

Businesses that adopt IronWeave’s solution to data security will be rewarded on multiple fronts. 

  • Greater security from a decentralized model where data is not publicly accessible and is encrypted at the individual data unit level.
  • Control over the data you own, including who can access it, how much can be accessed, and how it might be monetized.
  • The flexibility to comply with financial or healthcare industry regulations.

The Road Ahead

This latest ransomware attack on CDK Global makes it painfully clear that we can no longer continue to do business as usual. The cost is too great for businesses financially and reputationally, and for individuals with the loss or exploitation of personal information. It goes beyond that as well, to the larger question of self-sovereignty of data:owning and managing your own data. We are still using the flawed model where centralized platforms own and manage your data. 

IronWeave’s data security brings peace of mind to business owners and stakeholders using the IronWeave platform. The level of security allows for the secure storage and transfer of any type of data: personally identifiable information, financial records and transactions, health records, and many others. Highly regulated businesses including finance, healthcare, and insurance will benefit from IronWeave’s robust data security.

The data you put on an IronWeave chain is your data. You can share it with other businesses in full or with conditional access. You can monetize it on your terms. In this new world you never need to allow your data to be exploited and monetized by a centralized third party. We think you’ll like this world.