The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.
Recent trends show that car dealerships are becoming a prime target for cyber-attacks, partly due to the rise in autonomous and connected vehicles. This is in addition to more traditional attacks such as phishing. Therefore, car dealerships are urged to take measures to improve their cybersecurity.
Throughout this article, we will focus on how to protect your car dealership from cyber-attacks, from technological solutions to raising staff awareness, and more.
Why are car dealerships being targeted by cybercriminals?
Car dealerships collect a significant amount of data which is often stored on-site. This data includes things such as names, addresses, email addresses, phone numbers, and perhaps more importantly, financial information such as bank details and social security numbers. Gaining access to this database can be very lucrative for criminals.
According to the Second Annual Global State of Cybersecurity Report by CDK Global in late 2022, 15% of all auto dealerships surveyed sustained a cyberattack that year, with 85% of the incidents occurring due to phishing specifically. The report also found that as customers move to a more mobile environment, dealerships will need to secure their desktops and mobile devices to protect against potential cyberattacks.
A cybercriminal’s life is made much easier if a car dealership uses outdated IT infrastructure and lacks sufficient processes in terms of protecting employee login details.
How are car dealerships vulnerable to cybersecurity attacks?
Before we discuss how to protect your car dealership from a cyber-attack, it is important to know what makes a car dealership vulnerable, and what sort of attacks it could be subjected to.
- Open Wi-Fi Networks - Many car dealerships have open Wi-Fi networks for their customers to use freely. However, this provides an opportunity for hackers who can potentially access other areas of the network that store sensitive data.
- Malware - Malware is possibly the most likely form of cyber-attack, targeting individuals within your organization with malicious email attachments that execute software onto the victim’s device. This software can then grant the attacker remote access to the system.
- Phishing - Phishing emails are much more sophisticated than they used to be, appearing much more legitimate, and targeting individuals within the company. If an email seems suspicious or is from an unknown contact, then it is advised to avoid clicking any links.
- User error - Unfortunately, anyone working for the car dealership, even the owner, could pose a risk to security. Perhaps using lazy passwords, or not storing log-in details in a safe place. This is why cyber security training is now becoming mandatory at most businesses.
The consequences of cyber-attacks on car dealerships
If a small-to-medium-sized car dealership is the victim of a cyber-attack, then it can have a much bigger impact than just a short-term financial loss. Some smaller businesses that suffer a data breach may go out of business after such an event, losing the trust of their customer base, and failing to recover from the financial impact.
Research suggests that most consumers would not purchase a car from a dealership that has had a security breach in the past. Failing to prevent a cyber-attack and a criminal from gaining access to customer information is extremely detrimental to a business’s public image.
How to protect your car dealership from cyber-attacks
Regardless of whether you already have security measures in place, it is always advised to assess how they can be improved and constantly be on the lookout for vulnerabilities within the organization.
In this section, we will discuss how to improve cybersecurity within a car dealership, breaking down the process into three key stages.
Stage one - Implementing foundational security
Establishing strong foundational security is key to the long-term protection of your business. When creating your foundational security strategy you should focus on seven main areas.
1. User permissions
Ensure administrative access is only provided to users who need it as granting unnecessary permissions to standard users creates numerous vulnerabilities. Ensure that only the IT administrator can install new software and access secure areas.
2. Multi-factor authentication
Multi-factor authentication means more than just a traditional username and password system. Once the log-in details have been entered, users will also need to enter a PIN that can be randomly generated on their mobile phone, or issued periodically by the administrator.
For added protection, you could also implement a zero-trust strategy.
3. Data backup recovery processes
The effects of ransomware attacks can be sometimes avoided if important files are regularly backed up, such as each morning. Once stored, there should also be procedures in place to quickly restore this data to minimize any downtime.
4. Firewalls and other security software
Many car dealerships continue to use older firewall software and outdated security services. Newer, next-generation firewalls offer much more protection, securing even the deepest areas of the network while being more effective at identifying threats.
5. Endpoint protection
The endpoint refers to a user’s mobile device or computer that may be targeted by attacks such as phishing emails. Endpoint protection can help secure these devices, identifying malware and preventing it from spreading to other parts of the network.
As part of modernization efforts, some businesses are choosing to protect their phone systems by using a cloud solution.
6. Email gateways
Similar to the above, email and web scanning software is essential to protect data and business operations. This can identify threats and warn the user to prevent them from opening malicious links or opening suspicious attachments.
7. Email training
Many businesses test their workforce by sending fake phishing emails to see how employees respond. If the correct actions are not taken, then the individual can be given cyber security training to raise their awareness so that they take appropriate action in the future.
Stage two - security processes
Once all of the above has been assessed and the necessary course of action has been taken, it is time to think about the critical security processes that need to be implemented. These are vulnerability management, incident response, and training.
1. Vulnerability management
Firstly, an inventory of your assets (software and devices) needs to take place so you know what needs to be protected. Once this has been done, all software should be checked to determine if it has been patched with the latest update.
Finally, vulnerability scans should be run on a monthly or quarterly basis. This can be done via penetration testing or an internal network scan.
2. Incident response
Policies should be drafted in the case of an incident or data breach so the correct course of action can be taken in terms of contacting the necessary parties. Numerous people should also be trained to respond to an incident should a key individual, such as the IT manager not be present.
Network analysis needs to take place immediately after an incident, whether this is in-house or externally. This is necessary for insurance purposes.
Cybersecurity and Acceptable Use policies need to be created so everyone knows what needs to be done in the event of a breach and what their responsibilities are. This can be combined with thorough security training to increase awareness.
Stage three - ongoing security activities
To ensure your business is protected at all times, it is vital that your IT team is on top of things and you do not rest on automated tasks and policies.
Key activities include:
- Using an encrypted email solution
- Employing a VPN for remote workers to encrypt the connection
- Mobile device security, management, and protection
- On-going monitoring, risk assessments, and sticking to best practices
Protecting your car dealerships from Cyber-attacks - summary
According to October, 2022 research from CDK Global, car dealerships are being targeted by cybercriminals who see them as an opportunity to steal sensitive information and financial details. This can be done in multiple ways including phishing scams and malware.
To tackle this, car dealerships should focus on three key areas: the business’ foundational security, implementing security processes, and performing key security activities on an ongoing basis.