US companies, responding to the CDK Global cyber-attack which brought down its cloud based DMS system for a period, have offered UK dealers advice on how to prevent themselves falling victim to cyber fraud.
Satnam Narang, senior staff research engineer at Tenable, said: “All organizations must understand they are a likely ransomware target.
“In order to protect themselves they have to master the basics – cyber hygiene, cyber education and cyber response plans.
“While we don’t know at the moment how CDK was compromised, the overwhelming majority of cyber attacks exploit basic cyber mistakes.”
Pieter Arntz, malware analyst at Malwarebytes, said: “Dealer groups need readily deployable and clean backups or a rollback system.
“[They need] an emergency plan on how to act when systems go down, so you don’t lose customers due to being unable to respond. Preferably a plan that has been tested to see what works and what doesn’t.
“[They need] to thoroughly investigate and remediate how the attacker got in and what they left behind, so you don’t get attacked twice and to reset all staff passwords, because you have to assume they have been compromised.”
Andy Thompson, offensive cybersecurity research evangelist at CyberArk, said: “To ensure dealer groups remain safe and resilient against cybercrime, it is crucial to adopt a comprehensive approach to identity security.
“This applies universally across industries but is particularly pertinent for dealer groups due to their complex ecosystems of human, machine, and AI interactions.
Click here to see Andy Thompson’s blog for Motor Trader.