CDK, a company that provides software as a service to auto dealerships, suffered a major cyberattack that forced it to shut down most of its systems.
As a result, companies using CDK's services were unable to conduct most of their business and were forced to resort to pencil and paper for whatever little work they could do.
According to a report on beepcomputer, when CDK detected the attack, it took most of its systems offline to prevent it from spreading. Two servers went offline at 2 am local time and remained offline for most of the day.
Disconnect VPN
“We are actively investigating a cyber incident,” the company said. beepcomputer. “Out of caution and concern for our customers, we have shut down most of our systems and are working diligently to get everything up and running as quickly as possible.”
CDK Global offers a comprehensive set of software solutions and services designed to help automotive dealers manage and improve their operations in various areas, including dealer management systems (DMS), digital marketing, business intelligence and analytics, solutions fixed operations and cybersecurity. It reportedly has over 15,000 customers and services 30,000 dealer sites worldwide.
Car dealers using CDK services have to set up an always-on VPN for the company's data centers, which then allows locally installed applications to access data stored on the servers. The company has now advised its customers to disconnect the VPN to prevent the attack from spreading to third-party systems as well.
While the nature of the attack has yet to be confirmed, typically when a company is forced to take its IT infrastructure offline it is due to ransomware. Threat actors lock their victims out of their endpoints, steal sensitive data, and then demand money in exchange for the decryption key and keeping the data private.
About fifteen hours after detecting the incident, the company restored CDK Phones, DMS and Digital Retail services. Unify and DMS logins were also available, while for other services, the restoration is still in progress.