CDK Global Begins Restoration After Cyberattacks: Reports
- by nlqip
The maker of software used by thousands of car dealerships has reportedly been in negotiations with threat actors over a ransom payment worth tens of millions of dollars.
CDK Global has begun to restore its systems and has been in negotiations with threat actors over a ransom payment, purportedly worth tens of millions of dollars, according to media reports.
Austin, Texas-based CDK, a provider of software used by 15,000 car dealerships, shut down most of its systems after the cyberattacks struck last Tuesday and then again on Wednesday. CDK provides SaaS-based CRM, payroll, finance and other key functions for dealerships.
Late Friday, Bloomberg reported that a cybercriminal group was demanding tens of millions of dollars, and that CDK intended to pay the ransom. BleepingComputer reported Saturday that the BlackSuit ransomware group, believed to be the new name for the group known as Royal Ransomware, was behind the CDK incident.
BlackSuit had been negotiating with CDK for a payment in exchange for providing a ransomware decryptor and pledging to not leak data stolen from the company, according to BleepingComputer.
On Sunday, Bloomberg and Reuters reported that restoration efforts by CDK had begun. The restoration is expected to take “several days and not weeks,” according to a CDK statement cited by Bloomberg.
CRN has reached out to CDK for comment.
While CDK was working to recover from the first attack last week, the company was struck by a second attack late on Wednesday evening, according to CDK.
“Late in the evening of June 19, we experienced an additional cyber incident and proactively shut down most of our systems,” CDK said in a statement provided to CRN Thursday.
CDK said in a recorded message heard Friday that “in addition to our customer systems, many integration points have been disabled.”
The system shutdown resulted in an outage that has severely affected thousands of car dealerships. “CDK basically runs our entire store,” a staff member at a car dealership in New Castle, Pa., said in an email to CRN Friday.
The recorded message from CDK alluded to frequent impersonation scams targeting dealership staff, with attackers posing as representatives of CDK or its affiliates in an attempt to gain credentials. “Do not provide sensitive information such as passwords or provide system access under any circumstances,” the recorded message warned.
Source link
lol
The maker of software used by thousands of car dealerships has reportedly been in negotiations with threat actors over a ransom payment worth tens of millions of dollars. CDK Global has begun to restore its systems and has been in negotiations with threat actors over a ransom payment, purportedly worth tens of millions of dollars,…
Recent Posts
- QNAP pulls buggy QTS firmware causing widespread NAS issues
- N-able Exec: ‘Cybersecurity And Compliance Are A Team Sport’
- Hackers breach US firm over Wi-Fi from Russia in ‘Nearest Neighbor Attack’
- Microsoft rolls out Recall to Windows Insiders with Copilot+ PCs
- Five Companies That Came To Win This Week