CDK Global is currently Cyberattack takes down software platform “Ransom demand” from car dealership customers
In a note to clients on Saturday, CDK said the hackers who had hacked its Dealer Management System (DMS) system had: Unavailable for clients for several daysare demanding a ransom to restore their systems.
“We thank you for your patience as we recover from the cyber-ransom event that occurred on June 19th,” CDK said in a note to customers on Saturday, according to a copy of the email obtained by CBS MoneyWatch.
CDK added in the memo that it has begun restoring its systems and expects the process of bringing key applications back online “to take days, not weeks.”
Beware of phishing
In the memo, the company warned car dealerships to be on the lookout for phishing scams, where bad actors pose as CDKs but are actually trying to obtain customers’ passwords and other sensitive information.
A CDK spokesperson told CBS MoneyWatch that the company is offering customers “alternative ways to do business” while its systems are down.
The cybercriminals behind the CDK attacks are associated with a group called BlackSuit. Bloomberg reported On Monday, the paper quoted Alan Liszka of computer security firm Recorded Future as saying: StoryThe media also reported that the hackers are demanding a ransom of tens of millions of dollars, and that CDK plans to pay it.
Liska did not immediately respond to a request for comment, and CDK itself has not indicated which group was behind the attack on its systems. It caused chaos at car dealerships across the United States. Since last week, companies targeted by ransomware attacks are often reluctant to disclose information because they are in the midst of negotiating payment with the hackers.
“Everything is done by hand”
The hack has left some car dealerships completely unable to operate, while others report using pen and paper or even sticky notes to record transactions.
Tom Maori, owner of Celebrity Motor Car Company, which operates five luxury car dealerships in New York and New Jersey, told CBS MoneyWatch on Monday that his employees are “doing it all by hand.”
“We are trying to keep our customers happy but the biggest problem is that banking is completely stalled. We can’t put money into transactions,” he said.
Asbury Automotive Group, a Fortune 500 company that operates more than 150 new car dealerships across the U.S., said in a statement Monday: Said The attack “adversely impacted” the company’s operations and hindered its ability to operate, but Coons Automotive dealerships in Maryland and Virginia do not rely on CDK’s software and have been able to operate without interruption, the company said.
Ransomware attacks In 2023, more than 2,200 organizations in the United States, including hospitals, schools, and governments, were reported to have been directly affected by ransomware. Emisoftan anti-malware software company. In addition, thousands of private companies were targeted. Some experts believe that the only way to stop such attacks is to ban ransom payments, which Emisoft said would force criminals to “quickly pivot from high-impact encryption-based attacks to other, less destructive cybercrimes.”
Earlier this year, the U.S. State Department He offered $10 million in exchange for his identity. Leaders of the Hive ransomware group, which has attacked more than 1,500 institutions in over 80 countries since 2021, causing the theft of more than $100 million.