Why Are Dealerships Targeted?

Cybercriminals want the same things as everyone else — private yachts, a few tropical vacation homes, and a platform to spread cybersecurity awareness. Is that last one just us? Shared dreams or not, the point remains: it’s all about the money.  

But what’s different about dealerships? Why are they being targeted by cybercriminals?  

Your organization regularly handles and houses a veritable buffet of sensitive customer information. Think about how much data you collect from just a single customer. Email addresses, social security numbers, banking details, credit reports, you name it. Now multiply that by every customer you collect information from.  

Data. So much data.  

In the right hands, this data is a tool to help keep track of records and operate more efficiently. In the wrong hands, cybercriminals can exploit it and wreak untold havoc. From unauthorized purchases to identity theft, the damage can be devastating. Something this consequential can understandably carry a high price tag within black market dealings. If the bad guys get their hands on enough sellable data, they can make millions through dark web sales. 

How do attacks happen?

 Unfortunately, the average American isn’t an avid follower of the Byte Blog. Cybersecurity is often treated as a back-of-mind IT problem rather than a business priority. We get it, though. On any given day, at any given dealership, there’s likely a week’s worth of jobs in need of completion. It can be hard to focus on a background item when you’re putting out the fire right in front of you. 

That’s what makes this so dangerous. 

An unprotected dealership is like a sitting goldmine to cybercriminals. If you’re operating with outdated software, poor password management, and no staff training, that goldmine now has a neon sign pointing directly to the entrance.  

So, how do these attacks actually start? Typically, they’ll lead off with phishing in an attempt to get an employee to hand over credentials or information. From there, it could be any number of attacks, including malware, ransomware, or adversary-in-the-middle. 

How do you stay safe?

 Cybercriminals can be scary, but they’re never invincible. It’s important that you have a vendor or provider dedicated to your cybersecurity. There are also actions you can take right now on your own. We’ve shared this list before, so it may look familiar. As you read through, see how many of these best practices are currently prioritized by your dealership. 

Update Systems Regularly
Keep your software up to date to reduce potential vulnerabilities.  

Backup Your Data
Encrypt backups and ensure your vendor or provider follows the 3-2-1 rule: three copies, two different types of media, and one offsite.  

Use Multifactor Authentication
Add extra layers of security to sensitive accounts to prevent unauthorized access.  

Enforce Access Controls
Apply the principle of least privilege! Limit access to data based on necessity.  

Segment Your Network
Reduce the spread of threats by isolating critical systems and data.  

Cyberattacks are born when opportunity meets vulnerability. For many dealerships, that’s an area much larger than it should be. Your customers trust you to keep their private data safe, and cybercriminals are doing everything they can to take that information and sell it to the highest bidder.  

Fortunately, you never have to be perfect, just prepared. Take one proactive measure today, and you’ll have a dealership more secure than it was yesterday.