The CDK Global ransomware attack was first reported in June 2024. Ransomware infected CDK Global, a software vendor that serves thousands of North American car dealerships. This ransomware attack affected over 10,000 U.S. car dealerships, their employees and their customers.
What you should know about the CDK Global cyber attack
- The first attack occurred on June 19, 2024, and CDK Global took its systems offline.
- Customer information that was targeted in this attack included Personally Identifiable Information (PII) such as Social Security numbers, bank account numbers, telephone numbers, addresses and credit card information.
- BlackSuit, a group of cybercriminals, was identified as the group responsible for the ransomware attack.
- CDK Global informed its clients on June 24, 2024, that it would shut down temporarily as it recovered from the attack.
- CDK Global began restoring systems for car dealerships in phases, starting at the end of June into the beginning of July.
The impact of the CDK Global ransomware attack
About half of the country’s new car dealerships were affected by the CDK Global ransomware attack. The impact was serious, and some dealerships were even forced to revert to operating with pen and paper. Because everything was digital and automated with CDK Global, when its systems were shut down as a result of the attack, many dealerships faced the inconvenience of completing business deals by hand and physically driving paperwork to state DMV offices. Although this may sound like a minor hindrance in the grand scheme of things, the time dealerships spent completing these tasks manually had significant financial ramifications.
Car dealerships are not the only ones affected by the CDK Global ransomware attack, though. Third-party vendors will now need to spend additional money to audit their systems to demonstrate that they are prepared for potential cyber attacks in the future.
What companies can learn from the CDK Global ransomware attack
Although the CDK Global ransomware attack occurred recently, there are already many lessons companies can learn from it.
The risks of third-party services
Since so many American car dealerships rely on CDK Global, the consequences of this ransomware attack were huge. Because they used CDK Global for payroll and other financial purposes, thousands of car dealerships struggled after the third-party service fell victim to a cyber attack.
If your company relies on third-party services, it could be left without any support following a cyber attack. Depending on how critical the third-party service is to your organization’s functionality, your company may face a situation similar to that of the thousands of car dealerships that were impacted when CDK Global was attacked.
The importance of zero-trust and zero-knowledge encryption
Both zero-trust security and zero-knowledge encryption are crucial in protecting the privacy of both your organization and customers. Zero trust is a security framework that assumes all users and machines are capable of being compromised, so they need to be continuously validated and have limited access to company resources.
Zero-knowledge encryption keeps users’ data encrypted so that only the user can decrypt it, which means the data cannot be read by anyone else, even in a data breach. With zero-knowledge encryption, a cybercriminal who hacks into a provider’s servers would not be able to access sensitive information.
The importance of strong access controls
Companies should maintain strong control over authorized users’ access to internal systems. Using Role-Based Access Controls (RBAC), your company can limit access to the absolute minimum that users need to get their jobs done. Using strong restrictions set up with RBAC, users will not be able to access anything outside of their designated role or job function. This enhances the security of your company because if any employee’s login credentials are compromised, a cybercriminal will not be able to gain access to the entire company’s data.
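The RBAC argument above can be made concrete with a deny-by-default check and a measure of how much a single stolen login exposes. This is an added example, not code from the original article or from any product it mentions; the role names, resources and users are constructed for illustration.

```python
from dataclasses import dataclass

# Constructed role model: role -> set of (resource, action) pairs.
# Anything not listed here is denied.
ROLE_PERMISSIONS = {
    "sales": {("deals", "read"), ("deals", "write"), ("customers", "read")},
    "payroll": {("payroll", "read"), ("payroll", "write")},
    "service": {("repair_orders", "read"), ("repair_orders", "write")},
    "it_admin": {("user_accounts", "read"), ("user_accounts", "write")},
}
ALL_PERMISSIONS = set().union(*ROLE_PERMISSIONS.values())


@dataclass(frozen=True)
class User:
    name: str
    roles: frozenset


def effective_permissions(user):
    """Union of what the user's roles grant; unknown roles grant nothing."""
    perms = set()
    for role in user.roles:
        perms |= ROLE_PERMISSIONS.get(role, set())
    return perms


def is_allowed(user, resource, action):
    """Deny by default: allow only if an assigned role grants this exact pair."""
    return (resource, action) in effective_permissions(user)


def blast_radius(user):
    """Share of all defined permissions exposed if this user's login is stolen."""
    return len(effective_permissions(user)) / len(ALL_PERMISSIONS)


def over_privileged(users, limit):
    """Audit aid: names of users whose roles exceed `limit` of all permissions."""
    return sorted(u.name for u in users if blast_radius(u) > limit)


# Constructed sample users.
alice = User("alice", frozenset({"sales"}))
bob = User("bob", frozenset({"payroll"}))
carol = User("carol", frozenset(ROLE_PERMISSIONS))       # holds every role
dave = User("dave", frozenset({"contractor"}))           # role not defined

if __name__ == "__main__":
    for u in (alice, bob, carol, dave):
        print(f"{u.name}: {blast_radius(u):.0%} of permissions exposed")
    print("review:", over_privileged([alice, bob, carol, dave], 0.5))
```

An account like `carol`, which accumulates every role, gives an attacker the same reach as a flat, unrestricted account, which is why periodic role reviews matter as much as the check itself.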
Another way to ensure the safety of your organization is by leveraging Privileged Access Management (PAM) to secure accounts that have highly sensitive data. Not every employee is entitled to the same access to information, so having a PAM system helps limit who has access to what.
Protect your company from ransomware attacks
After learning about the CDK Global ransomware attack, it is clear that the consequences posed serious challenges to the thousands of organizations that were impacted. However, there are steps you can take to reduce the severity of a cyber attack if one does happen to your company, including using a zero-trust and zero-knowledge security framework and reinforcing strong access controls to sensitive information.
Experience the positive impact KeeperPAM™ can make on your organization’s zero-trust security by requesting a demo today.