CDK Global, which operates a network of auto dealerships, has been hit by ransomware and is being asked to pay millions of dollars



CDK Global, which provides systems used by 15,000 car dealerships across the U.S., was hit by a cyber attack and its systems went down. After the first wave of attacks, the second wave of attacks occurred just as the system was being restored, and at the time of writing, it is expected to take several days to restore the system.

CDK Hackers Want Millions in Ransom to End Car Dealership Outage - Bloomberg
https://www.bloomberg.com/news/articles/2024-06-21/cdk-hackers-want-millions-in-ransom-to-end-car-dealership-outage




Car dealerships are being disrupted by a multiday outage after cyberattacks on software suppliers
https://www.nbcnews.com/tech/security/car-dealerships-are-disrupted-multi-day-outage-cyberattacks-software-s-rcna158385



CDK Global hacked again while recovering from first cyberattack
https://www.bleepingcomputer.com/news/security/cdk-global-hacked-again-while-recovering-from-first-cyberattack/

The first cyber attack occurred on CDK Global on the night of June 18, 2024. CDK Global immediately began responding by shutting down the login system and servers. Some systems were restored by the afternoon of the 19th, but a second wave of attacks occurred on the night of the 19th, making the system unavailable again.

'We continue to shut down most of our systems as an ongoing precaution and to protect our customers,' CDK spokeswoman Lisa Finney said in an email to clients.

CDK initially aimed to restore its systems on June 21, but as of June 24, the restoration work was still ongoing and is expected to take several more days. There are also reports that ransomware was used in the attack, and the attackers are demanding ransoms of millions of dollars (hundreds of millions of yen).

The news site BleepingComputer quoted an automotive industry security expert as saying, 'If CDK brings services back online too quickly, it could increase the risk to customers.' Although the CDK service outage has a major impact on the automotive industry, if the scope of the breach is not properly investigated, there is a risk of secondary damage.

Bloomberg quoted an anonymous source as saying that the attack was believed to be carried out by a group based in Eastern Europe, and that CDK plans to pay the ransom. However, the source added that this information is not definitive, saying that 'the discussions are fluid and the situation may change.'

Related Posts:

in Security, Posted by logc_nt