CDK Global cyberattack: Where do we go from here?

How the auto industry is changing and responding

Hey, everyone  My podcast with George Saliba, the “TikTok Car Dealer”, is out today. We discuss his vehicle acquisition strategy and why the used electric car market is so different than anything we’ve ever experienced.

Check it out here, or wherever you get your podcasts.

—CDG

First time reading the CDG Newsletter? Subscribe here.

Last week’s CDK Global hack raised serious questions for the dealership community. The biggest one being — what now?

To answer this, we need to take a step back. This is a complex event with many valuable (and often difficult) lessons to learn.

Let’s explore the most important takeaways from the last week: how did this start, what is the industry doing now, and what happens next?

First things first…

How did this all go down?

June 19:  CDK Global sent an urgent morning email to dealerships, announcing a cyberattack and the precautionary shutdown of all their dealership management systems (DMS), otherwise known as the “brain” of the dealership.

By mid-day, they reassured dealers that some systems were back online and safe to use. However, later that night, a third email revealed a second cyberattack, meaning another complete shutdown and putting everyone back on high alert.

June 20: As the day wore on it became clear that this second incident wouldn’t have nearly as quick of a “fix” as the first. Sure enough, CDK sent another notice to dealers warning them this outage would last “likely for several days.” 

June 21: Up till this point, CDK still hadn’t confirmed the nature of what it was dealing with. But then, something wild happened. Bloomberg revealed that the company was in talks with an eastern European hacking group, which was demanding a multi-million dollar ransom.

June 24:  CDK announced that it expected to have its systems back up and running in a matter of days, not weeks as many feared.

June 25: CDK alerted users it won’t have most of its systems back online until June 30, 11 days after both cyberattacks.

And here’s the big news that dropped yesterday…

June 26: CDK confirmed its initial success in restoring DMS access to “a small initial test group” of dealers. Big deal…

Official update shared with users June 26, 2024

In a way, this felt like the first sigh of relief in what has otherwise been an extremely stressful seven days. One F&I Manager from an Indiana-based Toyota dealership couldn’t help but share his excitement online… love to see it :-)

Now that we know what went down, we need to take a look at how dealers have responded to the challenges this cyberattack created. In other words…

What are auto retailers doing right now?

Dealers are resilient and resourceful. I posted a call to action on X / LinkedIn for the dealer community to share their best practices…and boy, did everyone deliver.

I got a ton of suggestions like downloading and printing leads to continue outreach and appointments, photocopying old contracts with whiteout to create new ones, using separate systems to bill out parts, and creating rough invoices…you get the idea.

For example, April makes a great point here. The best person to talk to about payment accuracy is your lender. This probably isn’t their first rodeo.

X user Financial Markets Warrior raises the question on a lot of dealers’ minds right now. How in the world are dealers going to close out the month with no DMS?

These are crucial considerations for dealers, not just now, but also for the future if something like this happens again…knock on wood.

The good news is that I don’t think it will. The auto industry is waking up to cybersecurity, which means it’s time to tackle our big question of the day…

…What do we do next?

This Monday, I had the honor of hosting automotive leaders and cybersecurity experts for a discussion about the industry’s next steps. You can listen to the podcast of that conversation here, but these are the two major shifts emerging as the dust settles.

Segregation vs. integration:

Dealers use various software tools to run their business, and many platforms offer all-in-one, so it’s common nowadays for dealers to use integrated systems where everything works together. And as you guessed, CDK is an integrated system.

But the downside is that when CDK Global’s software was shut down, dealers lost access to all their crucial tools, meaning other programs were also at risk.

Now, a big question is whether car dealers will shift back to separate / isolated CRMs and dealership management systems to avoid potential future disasters.

Pro-tip: I don’t think going back to segregated systems is wise, as it will come at the expense of efficiency and a streamlined customer experience. Rather, I’d expect all integrated systems providers to spruce up their cybersecurity following these events—including (obviously)… CDK.

Online data vs offline storage:

Dealerships rely heavily on cloud storage because it's secure. However, last week's outage showed the downside: if the system goes down, dealers can't access their data.

Now, dealers are looking for ways to offload databases, making records accessible offline and without using a DMS.

Will dealers go back to on-site servers? Last week, I thought they would… But after chatting with cybersecurity experts, I’m not so sure anymore. Similar to the integrated systems conundrum I laid out above, I don’t believe on-site servers are the solution for dealers necessarily, although it does have its benefits.

Simply put, I'd expect the industry to keep marching forward as it has been with integrated systems, but with one caveat: DMS providers will be investing a lot more time and effort (and money) in cybersecurity than ever before.

The bigger picture: The CDK Global cyberattack is a game-changer for the car industry. We're not going back to the old ways, but I believe this will spark positive change. Yet again, the industry has proved very resilient, and it’s nice to start seeing the light at the end of the tunnel.

How much did the CDK Global shutdown impact your sales?

Login or Subscribe to participate in polls.

The Auto Hauler Exchange has revolutionized the way vehicle haulers and vehicle shippers collaborate. AHX's B2B marketplace connects vehicle haulers directly to shippers in a frictionless manner.

The Exchange helps vehicle haulers maximize their capacity while limiting empty miles. The Exchange is the first true B2B marketplace of its kind in the vehicle logistics industry.

By connecting carriers and shippers directly, carriers can save time and choose which opportunities fit their needs each day.

At the same time, shippers can rest assured that their vehicles are being moved by qualified, vetted carriers who fit their vetting program.

The Auto Hauler Exchange has democratized the vehicle logistics industry by eliminating the middleman and connecting shippers directly to available carriers.

Get off the vehicle hauling roller coaster today with Auto Hauler Exchange.

Cyber attack testing a trillion dollar industry - This week, I talked with a panel of experts to discuss the CDK Global shutdown. We dove into how these cyberattacks happen and explored best practices to prevent future incidents. Listen here.

Killing the dealership ‘courtesy shuttle’ - Last Thursday, I chatted with Charles Mizrahi, Head of Automotive Partnerships at Uber, about how Uber for Business is transforming customer service in dealerships. Catch up here.

And listen to every episode by subscribing to the CDG Podcast on Apple, Spotify, or wherever else you get your podcasts. Thank you to Uber for Business, Cars Commerce, Auto Hauler Exchange and Private Auto for making these episodes possible.

We’ve got tons of great jobs hitting the CDG Job Board right now. Here are some standouts for anyone looking for their next move.

  • Have commercial lending experience? Kinetic Advantage is looking for a Dealer Relationship Manager in California.

  • Are you a talented accountant? Go Auto is looking for a controller to join its team in Washington.

  • Have a passion for fixing cars? Riverhead Mazda is looking for a parts consultant in New York.

Looking to hire? Add your roles today—it’s 100% free.

  • CDK Global CEO defends the company’s response after the cyberattacks.

  • South Korean battery maker’s operations on hold after deadly fire.

  • Porsche recalling 31,000 electric Taycans over braking issue.

  • Volvo delays launch of EX30 in the U.S. over tariffs.

  • General Motors’ robotaxi firm Cruise getting new CEO.

Thanks for reading. See you on the next edition…

—Car Dealership Guy

Did you like this edition of the newsletter?

Tell us what you think - we want to be the best.

Login or Subscribe to participate in polls.

Want to advertise with CDG? Click here.

Want to be considered as a guest on the CDG podcast? Right this way.

Want to pitch a story for the newsletter? Share it here.

Reply

or to participate.