By Nick Reed, Dave Cantor-Adams, Jeff Harms and Robbie Harriman.
Heightened Vigilance Advised
As you may be aware, CDK systems have recently been affected by a cyberattack. This is a “shields up” advisory to be on alert for any suspicious activity that may be related to the attack or activity deriving from attackers seeking to take advantage of the uncertainty.
To contain the situation, CDK has shut down some of its systems starting on the morning of June 19, which is impacting service. CDK customers should have received a notice, and may note a disruption during this time. If you are a CDK client, your primary concerns will likely include the protection of customer information in compliance with FTC Safeguards, as well as the continuity of service. CDK has set up an automated message line for updates on the situation: 1(855) 356-3270.
It is recommended that users refrain from using CDK systems until CDK confirms services have been restored and are safe to use. Attackers may exploit this situation to conduct a “supply chain” attack, further spreading the impact of access they have gained within CDK’s systems. They might also target auto dealers who are desperate to restore operations, tempting them to bypass security measures or overlook suspicious activities.
Be vigilant for phishing attempts, as attackers may pose as “CDK support.” Watch for red flags in emails, such as unusual requests, a sense of urgency, threats, suspicious attachments, and links. Verify any unexpected communication through secondary channels, such as calling a known CDK number or directly contacting your service representative.
Utilize system monitoring tools to detect any anomalies and take action accordingly. Ensure your environment is properly updated with the latest security patches to protect against the exploitation of vulnerabilities.
As far as next steps, we recommend confirming the details of the incident with CDK to understand how it might affect you as further details are made available. If you haven’t already, contact your service representative at CDK and look for any official bulletins released by CDK via email (be sure to verify the identity of any sender). We advise also monitoring incoming calls from anyone claiming to be a CDK representative, especially requests to share screens or other forms of remote network access.
Don’t hesitate to reach out to OCD Tech for assistance with any security concerns you may have: [email protected]
