Cyber Crime Targeting Car Dealers

Neighborhood car dealers aren’t the first target most people think of when it comes to cyber crime—banks and other large corporations are usual targets that make headlines. But even small auto dealerships have reason to worry.

Car dealers store a treasure trove of digital sales and finance records, from personal info such as customer names and social security numbers, to banking and credit card information, loan applications, credit reports and more. On the black market, this information can be very valuable, hence why cyber crime targeting car dealers is on the rise.

Cyber Crime Is Big Business

Cyber crime is expensive, causing damage and destruction to your digital files, stealing time and money away from your automotive business, and defrauding customers through the theft of their personal and financial data stored on your computers.

Costs balloon even more when you consider the risk of business downtime, expert IT support, business restoration, regulatory actions, potential judgements and reputational harm.

According to Cybersecurity Ventures, if the cost of global cybercrime was measured as a country, it would be the world’s third-largest economy after the U.S. and China. Cyber crime damage costs are already expected to hit $6 trillion this year, growing to $10.5 trillion by 2025.

No industry is untouched by cyber crime, including car dealers. Between 2017 and 2018, the cost of cyber attacks on the automotive industry rose 47%, from an average of $10.7 million to $15.8 million per organization according to Accenture. And the costs are continuing to inch up.

Cyber criminals are sophisticated, using clever social engineering tactics and cutting-edge technology to target small businesses that are often unprepared. By contrast, many automotive businesses tend to rely on older computers, with missing security patches and out-of-date software. Dealerships may not have resources for highly certified IT security professionals. Plus, the nature of dealership business means as many as 20 different vendors may have access to your business’s sensitive customer data, according to Zonic Design.

According to the automotive security firm Nuspire, dealership computer and email systems have to block 153 viruses and 84 spam messages a day to keep your network safe. Some malicious hacks are bound to get through, and the average dealership faces two security events per month that require an IT expert’s intervention.

Car Dealers Face Costly Hacks

With the payday incentive for criminals and the vulnerabilities of the industry, cyber crime is bound to happen to a dealership sooner or later. Dealers can face many different types of attacks, each with its own costs and damages. Consider these four recent real world hacks:

In 2019, the FBI received more than 23,000 complaints from businesses facing business email compromise (BEC) scams, with losses totaling $1.7 billion. Car dealerships were among the victims. Auto News reported that one exotic car dealer tried to wire $253,000 to another dealership, but the transaction was misdirected through a BEC scam and an online thief walked away with the funds.

Just over a year ago in Japan, Forbes reported that hackers managed to gain access to Toyota’s central network. The report said the breach exposed 3.1 million items of Toyota and Lexus customer data. Experts noted that current and former owners in the U.S. could have had their sales records exposed, which could allow hackers to try more targeted attacks against customers. The car brand may still face lawsuits and regulatory fines, depending on what the investigation reveals.

The consequences of a single data breach can drag out for years. Almost three years after a DealerBuilt software hacker accessed personal data of some 12.5 million U.S. dealership customers and posted 70,000 of the records online, the FTC announced a consent decree with the company that could result in hefty fines if new standards aren’t met. The company has already taken other costly measures to update its security and recover from the breach.

Hackers can also wreak costly havoc on your computer systems causing other kinds of damages. On a busy morning in December 2019, one South Florida dealership found all its computer systems taken over in a ransomware attack. It couldn’t sell cars or parts or service any vehicles. Instead of taking chances and paying the hacker’s ransom, the owner shelled out $285,000 for all new computers, according to the local news. Additional costs for downtime, cybersecurity and other damages made the true cost of the hack even higher.

Car Dealers Need Cyber Protection

In addition to taking proactive security measures, car dealers need protection. Luckily, you have access to CyberLock Defense, a one-of-a-kind cyber liability policy that can help limit the costs and impact of a cyber attack. This policy features:

Access to full policy limits for ransomware and cyber extortion.
Coverage for business interruption expense and extra expense up to full policy limits.
Protection including incident and claim intake management by a law firm that establishes attorney-client privilege upon the first contact.

CyberLock Defense offers broad coverage with flexible policy limits ranging from $100,000 to $10 million to suit your needs, with no sublimits, so you have full access to the limit you choose.

Get the protection you need today at CyberLockDefense.com or (844) 868-7144.