Tag: ransomware recovery

  • Ransomware attack brings down auto dealers across the country, bringing car sales to a halt

    Ransomware attack brings down auto dealers across the country, bringing car sales to a halt

    Software creator CDK Global experienced a ransomware attack last week that left auto dealerships that use the software they distribute (Dealer Management System or DMS) unable to process car sales as they normally do.

    The DMS software is used by over 15,000 dealerships nationwide and not only helps car dealerships quickly process applications but also provides dealers with the ability to manage customer relationships and service solutions such as maintenance contracts, car rebates and even tracks dealer inventory.

    Many dealerships have begun to process car sales manually, but the software also managed appointment requests, for both buying and car maintenance grinding those services to a halt as well. The service has been down since last Wednesday and CDK Global doesn’t expect the service will be back up until June 30th although they say some services are starting to be brought back online as of writing.

    Summer time is typically a popular car buying season especially with Fourth of July sales being a staple of the industry, it’s unknown what effect this attack will have on overall sales for this quarter.

    The group behind the outage, BlackSuit, is part of a growing trend of hacks specifically targeting software suppliers and demanding lucrative ransoms to get systems back online. CDK hasn’t thus far paid the ransom and we have no confirmation of what that figure is.

    Blacksuit is known for both stealing sensitive data and locking up systems, then demanding a ransom to restore both. They also provider information to smaller hacking groups so they can carry out their own attacks including resources to intimidate victims into paying. It’s estimated they’ve carried out successful attacks on 95 organizations globally although this figure only includes companies who reported the attack. The figure is likely much higher.

    In one post on Reddit a user describes a client who was hacked by an affiliate of the group and paid $4000 to recover their data, the reach of not only Blacksuit themselves but by bad actors who utilize their services to conduct their own attacks would be impossible to determine but should make even small business owners wary as we continue to see hackers organize and expand their reach as a group rather than as individuals.

    CDK meanwhile has continually moved the goal post on when a resolution will occur, automotive dealerships were originally told systems would be up by June 21st and now June 30th but they’ve already stated even by that date systems may not be back up for everyone affected.

    “We are still doing the workarounds, using a paper processing system. The problem is we can’t load this data back into the system,” Geoffrey Pohanka, chairman of Pohanka Automotive Group located in Maryland told CBS. “We can account for the work we did in our general ledger from a financial statement standpoint, but it’s very hard to pop all this data back into the system so you can have access to it later.”

    Attackers continue to grow more savvy and the effects of an attack like this won’t only incur damages such as downtime or a loss of data or even the financial burden of paying a ransom, they can affect customer perception of your business and cause customers to lose faith in your ability to service them.

    At Valley Techlogic, cybersecurity is a keystone offering of our technology support plan. We follow cybersecurity frameworks such as NIST, CIS, HIPAA and CMMC to ensure we’re following nationally recognized standards for cybersecurity protections.  If you would like to ensure an attack like this will never happen to your business, or if you’ve already experienced a hack and are looking towards the path to recovery, Valley Techlogic can support your business today.

    Looking for more to read? We suggest these other articles from our site.

    This article was powered by Valley Techlogic, leading provider of trouble free IT services for businesses in California including Merced, Fresno, Stockton & More. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic and LinkedIn at https://www.linkedin.com/company/valley-techlogic-inc/.

  • The biggest cyber security breaches of 2023

    The biggest cyber security breaches of 2023

    Now that it’s 2024 we’re reflecting on the biggest events in tech that occurred in 2024, and in today’s article we want to talk about the biggest cyber security breaches that occurred in 2023.

    Before we get into it, let’s talk about the hard numbers.  Across the board, cyber threats are up year over year and 2023 was no exception. Here are 8 eye opening statistics on cyber threats as of writing:

    1. The global average cost of a data breach is $4.45 million and a ransomware attack $5.13 million as of 2023.
    2. The average lifecycle (discovery to remediation) of a data breach is 277 days.
    3. 74% of data breaches still involve a human element in 2023.
    4. 64% of Americans have not checked to see if there data has been lost in a data breach.
    5. Almost half (46%) of all cyberattacks were on US targets.
    6. More than 1 million identities were stolen in 2023.
    7. 30% of those people were a victim of a data breach in 2023.
    8. 54% of office works express feeling “cybersecurity fatigue” in regards to news of data breaches.

    Unfortunately, public apathy towards cybersecurity preventions from ongoing, sustained attacks and the lucrative nature of successful attacks performed on business entities makes for a potent recipe in these attacks only continuing to increase in 2024.

    We want to take a look back at the biggest breaches that occurred in 2023 and also present our solution for preventing an attack of this nature from occurring to your business.

    1. MGM – Occurring in September, the unusual way MGM was breached made headlines because it did not initially involve a computer. Instead, attackers posed as people of importance to the company via a phone call and gained access to their systems, causing a loss of reputation, $100 million in damages, and 5 class action lawsuits to be filed.
    2. ChatGPT – Not even AI is safe when it comes to targeted attacks from hackers, in March of 2023 a bug in their source code exposed the personal information of a 1.2% of their Plus Subscribers including home addresses, full names and email addresses.
    3. MOVEit File Transfer System – The fallout from this breach that occurred in June 2023 extended far beyond the file system management software company itself, including California’s biggest pension fund holders CalPERS and CalSTRS.
    4. RockStar – RockStar is another example like MGM that proved hackers don’t need expensive equipment to breach insecure systems, with this breach being conducted using a cellphone, a hotel room TV and an Amazon FireStick.
    5. The City of Oakland – An entire city was the target of a hack that occurred in February of 2023, the sustained attack which lasted more than a week prompted the city to even declare a state of emergency while systems remained offline. Class actions lawsuits were also filed in the aftermath of the attack in this case.

    These are just five attacks that made major news last year, but there were thousands more that did not make major news. When an attack occurs on a small business many times it leaves the owners with no choice but to close up shop (60% of small businesses that are the victim of a cyber attack close within 6 months).

    As IT providers it’s a frustrating topic for us as so much of this is preventable. If more preventions were put in place and it was more difficult for attackers to realize their goals than it would have a cumulative positive effect overall. As the saying goes, an ounce of prevention is worth a pound of cure. Let us help you meet your cybersecurity goals in 2024 by clicking on the image below.

    Looking for more to read? We suggest these other articles from our site.

    This article was powered by Valley Techlogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.