Toronto, Ontario — A new study from CDK Global has revealed that more and more automotive dealerships are falling for cyber attacks.
According to the study, 17 percent of North American automotive retailers fell victim to a cyber attack or incident in the past year.
The 2023 State of Cybersecurity in the Dealership Study, the company’s third annual report, was released as part of Cybersecurity Awareness Month.
It indicates that the three main consequences of cyber attacks on dealership financials and operations include harm to employee downtime, the need to replace or buy hardware or software and the potential for a damaged reputation.
“Cybercriminals are increasingly targeting auto retailers utilizing sophisticated methods meant to appear from secure and trusted sources,” said David LaGreca, Senior Vice President and General Manager of IT Solutions at CDK Global, in a statement. “Unfortunately, human error can waylay the best-laid plans and put a dealership at serious risk.”
LaGreca added that employee awareness training should play “an integral role in a dealership’s plan to prevent potential cyber threats.”
CDK Global listed email phishing as the top threat of 2023, followed by lack of employee awareness and ransomware. In fourth place is PC Virus Malware, in fifth is theft of business data, and in sixth place is stolen/weak passwords. Number seven on the top threats for this year is vehicle cyber attacks.
The average amount a company must pay criminals to “deal” with the issue has also increased, from $44,000 in 2019 to $740,144 in 2023. The uptick from the first quarter of 2023 alone was 126 percent.
“Dealers are left scrambling to secure customer information, resulting in an average 3.4 weeks in downtime and nearly a quarter of impacted auto retailers failing to retrieve the stolen data,” said the company.