April 17, 2020

Why auto dealerships are prime cyber attack targets

Last updated: February 7, 2023

According to the Federal Bureau of Investigation (FBI), the American auto industry has been the target of malicious cyber crime since late 2018, including phishing and ransomware attacks.

It’s not hard to understand why: retail is second only to banks among the most targeted sectors, and within the retail market, auto dealerships may hold more consumer financial information than a bank. That means the personal information you collect, store, and share, and the financial transactions taking place each day, make your dealership a prime target for cyber crime.

Adding to the challenge, there are more potential points for unauthorized access than ever before in your IT network, supply chain, and physical inventory of vehicles. The modern vehicle is an interconnected IT system with key fobs, control systems, onboard diagnostic systems (OBDs), wireless communications, and more.

Consider this: a survey by Ponemon Institute on cyber security and the auto industry revealed that 84% of respondents are concerned that security practices aren’t keeping pace with changing vehicle technology, including RF technologies, telematics, and self-driving vehicles. And 43% believe security vulnerabilities are being assessed too late in the product release process. All of this affects auto dealerships and their ongoing commitment to ensuring a secure, safe experience for customers.

Unfortunately, auto dealerships are busy places, and there's not always time left over to deal with cyber security. You’re focused on hitting sales targets and delivering cars, not reading up on the latest strain of ransomware.

If you’re a single-store operation—in the U.S., 65% of the nation’s auto dealerships are—it may be even more challenging to find the resources and time for a strong defence. And this puts you at greater risk.

Cyber security risks to auto dealerships

It’s time to get serious about cyber security and start protecting your dealership. Understanding your risks is the best place to start.

Here are five risks that could lead to cyber attacks, security breaches, and significant damage to your dealership.

Your data

The data you rely on to run your dealership represents one of the highest cyber risks. Customer names, home and billing addresses, emails, driver’s licenses, passports, social security numbers, banking and credit card information, and even vehicle purchase and service history are valuable to cyber criminals focused on making a profit from your data. They will sell and share this information among their criminal networks or extort you for payment in exchange for it.

Attackers can lock down your computers, preventing access to the data and applications you need to run your dealership. Worse than the downtime and loss of revenue, the damage to your reputation and loss of customer trust may be the biggest hits.

One ransomware attack can make it impossible to compete for customers—when trust is lost, customers will choose another dealership. A dealer may even need to pay for a customer’s ongoing credit card monitoring services if data is compromised. Your customers expect that their personal data and financial details will remain secure and protected with you.

Total Dealer Compliance (TDC), a New York City auditing firm, surveyed 200 dealerships in five states and found that 84% of consumers would not buy another car from a dealership after their data was compromised by a security breach. The study also found that 33% of consumers lack confidence in the security of their personal and financial data when buying a vehicle at a dealership.

Your staff

Human error may just be the biggest cyber risk to your dealership. With just 3 in 10 employees receiving annual cyber security training, your staff may not understand that their direct actions and lack of good security behaviours could lead to a cyber attack. In fact, the Ponemon Institute study also showed that 62% do not have the necessary cyber skills.

Each day, employees could unknowingly put your dealership at risk. Weak, obvious, or easy-to-guess passwords for software and systems let attackers crack them and gain unauthorized access to your network. Does your team frequently change their passwords? Reusing the same passwords also makes accounts easier to compromise.

Email scams that fool staff into clicking on malicious emails are also high on the risk list. It’s very easy for an employee to simply click on an email and open an attachment or website link not knowing it is actually malicious. Known as phishing, these scams can easily trick recipients into clicking and opening links and files, launching ransomware into systems and networks.

The FBI has said hackers have targeted the auto industry using phishing emails that included unsafe attachments. Once employees opened them, hackers were able to embed malicious computer code and gain access to computer networks.

Your supply chain

Have you thought about the security of third-party vendors and other partners in your automotive supply chain? If they are not following best security practices and do not have measures in place to keep their systems secure, that presents an immediate risk to your dealership and customers.

In the same Ponemon Institute survey, 73% of respondents are very concerned about the cyber security posture of automotive technologies supplied by third parties. Quality issues at any stage of the production cycle could create security vulnerabilities.

Last year, Toyota confirmed that as many as 3.1 million customers’ data items were compromised after an attack on its Toyota and Lexus dealerships in Japan. The customer data, stored on a server connected to that network, may have been compromised. Prior to this, a Toyota dealership in Australia also suffered an attack.

How many other people and facilities within that supply chain does that impact? And could cyber criminals be tracking suppliers within your vendor network right now?

Your cloud applications

What about the cloud software that you use? Or the cloud-based technologies that today’s connected vehicles rely on?

While cloud-based applications provide a lot of conveniences, there is shared responsibility between you and your cloud services provider for maintaining security. It’s important to be aware of your responsibility and theirs—some providers publish their shared responsibility models online.

Attackers may even set up fake websites, pretending to appear as the login portal of a cloud service or cloud storage application you frequently access. All it takes is for you to log in to the fake website with your dealer credentials to give the attacker unauthorized access to your dealer network.

Security breaches have also occurred due to IT misconfigurations on the customer’s side. These can include unmanaged or mismanaged permission controls, failing to select or turn on the right protective controls, insecure data storage, or simply not understanding how to use and deploy the services.

In the 2019 Capital One breach, among the largest ever, a hacker gained access to more than 100 million Capital One customer accounts and credit card applications. The hacker had gained access through a misconfigured web application firewall—a reminder of the importance of strong, properly deployed cloud security.

Put the right defence in place

Just as you protect your physical inventory from theft, securing your online assets and ensuring your supply chain is protected are critical to protecting your dealership. Putting the right cyber security protection in place will enable you to defend against cyber attacks and build a safer business.

Get started today by speaking with one of our cyber security experts to help you understand how you may be at risk and how we can help. Contact us today.