CDK Ransomware Attack Highlights Growing Threat Of Third-Party Risk: Experts

The software maker says it’s making progress on bringing dealerships back onto its core systems.

As CDK Global continues making progress on bringing customers back onto its core platform after a crippling ransomware attack, cybersecurity experts told CRN that the massive disruption to car dealerships is another sign of the trade-offs involved in the growing dependance on third-party IT services.

“With the reliance on SaaS-based solutions and other service providers, the relevance of third-party risk management is huge,” said Mark Lance, vice president for DFIR and threat intelligence at GuidePoint Security, No. 39 on CRN’s Solution Provider 500 for 2024. “This is obviously a system that a lot of dealerships rely on and without the ability to leverage it, there’s large impacts.”

Austin, Texas-based CDK, a provider of software used by 15,000 dealerships, shut down most of its systems after cyberattacks struck on June 18 and 19. CDK provides SaaS-based CRM, payroll, finance and other key functions for dealerships, and has said it expects to need through the weekend to recover from the attacks.

The saga has been reminiscent of another widely felt cyberattack, the February ransomware attack against UnitedHealth-owned prescription processor Change Healthcare. The incident caused massive disruption in the U.S. health care system for weeks — preventing many pharmacies and hospitals, as well as other health-care facilities and offices, from processing claims and receiving payments.

Both the CDK and Change Healthcare attacks are a stark illustration of “just how interconnected everything is,” regardless of what industry you’re in, said Tony Cook, head of threat intelligence at GuidePoint. For many organizations today, it can be shocking to realize the full scope of third-party systems are needed for normal operations, he said.

Ultimately, the attacks “show how important security is when you’re connected to all of…

Source…