Phishing #1 at Dealerships

10846071263?profile=RESIZE_400xFifteen percent of car dealers have experienced a cybersecurity incident in the past year.  Of those impacted, 85% of the occurrences were due to sophisticated phishing attempts concealed as legitimate emails that resulted in data breaches, IT-related business interruptions and loss of revenue. 

The 2022 State of Cybersecurity in the Dealership report from CDK Global Inc. surveyed business and IT executives at 201 car dealerships in the United States about their current cybersecurity posture.  The study found that 37% of auto retailers are confident in their current cybersecurity protection, resulting in a 21% decrease in preparedness compared to CDK Global’s 2021 study.  The report found nearly 60% of dealers plan to prioritize upgraded investments in cybersecurity infrastructure, including: Anti-virus and malware protection increased by 31% compared to 2021; followed by establishing secure networks with consistent updates and patching.

Dealers plan to update cybersecurity measures to combat top cyberthreats, such as email phishing, ransomware, lack of employee awareness, theft of business data, PC virus or malware, and stolen or weak passwords.  Additional action plans include securing endpoint devices, investing in cybersecurity insurance and continued staff training.

Dealerships are preparing for the influx of possible attacks to their infrastructure, including hiring cybersecurity experts both in-house and externally and educating staff on detecting potential cyber threats.  “With the recent surge of ransomware attacks around the world and the advancement of security protocols we have made, cybersecurity remains a huge priority,” said the general manager and a partner at Team Automotive Group in Baton Rouge, Louisiana. “The risk to businesses and our industry is at an all-time high, and we take that risk very seriously.”

The Director of IT Operations at The Patrick Dealer Group locations in Illinois, echoed the recommendations on dealer cybersecurity safeguarding. “Engage with a chief information security officer who aligns with FAIR/NIST/CISA standards, research best practices and follow directions on structuring a layered cybersecurity program for your business,” he suggested. “Cybersecurity investments will pay dividends in threat/risk reductions.”

Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization.    For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or      

Weekly Cyber Intelligence Briefings:

  • Reporting: https://www. redskyalliance. org/   
  • Website: https://www. wapacklabs. com/  
  • LinkedIn: https://www. linkedin. com/company/64265941   

Weekly Cyber Intelligence Briefings:

REDSHORTS - Weekly Cyber Intelligence Briefings


E-mail me when people leave their comments –

You need to be a member of Red Sky Alliance to add comments!

Join Red Sky Alliance