Skip to main content

Top 5 Cyber Threats Facing Auto Dealerships in 2024

By July 2, 2024No Comments

Top 5 Cyber Threats Facing Auto Dealerships in 2024

Do you know about the growing cyber threats to your auto dealership? In 2024, car dealers face a tough cybersecurity challenge. They handle valuable customer data and big money, and use lots of digital tech. This makes them a big target for hackers, putting customer trust and business at risk.

Recently, 46% of dealerships got hit by cyber attacks, causing big problems. But, 75% of them got better at security after the FTC Safeguards Rule came out. This shows how important it is to stay on top of cybersecurity in 2024.

Key Takeaways

  • 46% of dealerships experienced a cyberattack with negative effects in the last year.

  • 75% of dealerships reported better security after implementing the FTC Safeguards Rule.

  • Email phishing is the top threat to automotive dealerships.

  • Ransomware attacks have drastically increased, with payments rising to $228,000 on average in 2022.

  • The automotive industry could face a $505 billion loss due to cyber attacks by 2024.

  • Dealerships need strong cybersecurity to keep customer data safe and keep business going.

The Increasing Risk Landscape for Auto Dealerships

Auto dealerships now see cyber security as very or extremely important. This is because of a big rise in data breaches and other digital security issues. A big 85% of them think cyber security is key.

Last year, 89% of dealers said cyber security matters more now. This is a big jump from before. But, only 37% feel sure about their cyber security, which is down 21% from 2021.

Dealerships use more tech like CRM systems and IoT devices. This makes them more at risk for data breaches. Connected cars are a big target for hackers, putting dealers at risk. Phishing attacks hit 36% of dealers, hurting trust with customers.

High employee turnover, at 24% a year, makes training hard. This weakens their digital security. So, teaching employees about cyber security is key to reducing risks.

Ransomware attacks are a big worry. They can shut down dealerships for 16 days on average. The average cost to fix this is $228,125. Only 65% back up their data, and just 27% test their plans to handle attacks.

Cybersecurity Metric Current Statistics Dealerships Considering Cybersecurity Very Important 85% Dealerships Viewing Cybersecurity as More Important than Last Year 89% (12% Increase) Dealerships Confident in Cyber Security Measures 37% (21% Decrease from 2021) Customer Loss Probability After Data Breach 84% Phishing-Related Breaches 36% Average Downtime Post-Ransomware Attack 16 Days Average Ransom Payout $228,125 Dealerships Backing Up Data 65% Dealerships Testing Incident Response Plans 27%

More dealers are investing in IT, with 60% planning to improve their IT and 31% more on antivirus tools. It’s crucial to tackle digital security challenges to protect customer data and keep business running smoothly in a tough threat landscape.

Recent Cyber Attacks on Auto Dealerships

The auto industry is now a big target for cyber attacks. This makes car dealerships very vulnerable. We’ll look at some big cases from around the world.

The Eagers Automotive Cyberattack

Eagers Automotive, a big dealership group in Australia, had a big cyberattack. It got into their IT systems and found out customer info. This shows how cyber attacks can really mess up a business and put customer info at risk.

The Arnold Clark Cyberattack

Arnold Clark in Europe got hit by a ransomware attack. This attack took thousands of customers’ data. It shows how important it is to have strong security to keep data safe from big problems.

The Holdcroft Group Attack

The Holdcroft Group in the UK also got hit by a ransomware attack. This attack shared info of both staff and customers. These stories show how risky it is for dealerships today. It’s key to have good cybersecurity to protect against these threats.

Key Cyber Threats for Auto Dealerships

Auto dealerships face many cyber threats that can harm their work. These threats include email phishing, ransomware threats for dealerships, and social engineering scams.

Email Phishing and Social Engineering

Email phishing is the top cyber threat for auto dealerships for the third year. It tricks employees into sharing secrets or downloading bad software. With many employees leaving, this problem gets worse.

Social engineering scams are also rising. They use tricks to get to sensitive data. Since 32% of dealerships have had data stolen, teaching employees to be careful is very important.

Inadequate Cybersecurity Training and Awareness

Many auto dealerships don’t train their employees well on cybersecurity. Even though 73% of dealerships train their staff, the training is not enough. This lets scams like email phishing and social engineering scams work.

But, 53% of dealerships think they are safe, even though they get attacked often. This shows there’s a big gap between what they think and what really happens.

Ransomware Attacks

Ransomware threats for dealerships are very dangerous. They can make it hard to get to data and hurt the business’s money. About 46% of attacks hurt the business a lot, making dealers lose money and data for 3.4 weeks on average.

Some dealers had to replace hardware or software because of ransomware. This caused big problems for the business, like hurting customer service and sales. In the end, 31% of dealers said their reputation was damaged after an attack.

Dealerships need a strong cybersecurity plan to fight these threats well.

Cyber Threat Impact Response Email Phishing High risk of data theft; wide dissemination Enhanced email filters, employee training Social Engineering Manipulation of individuals; data breaches Regular security drills, awareness programs Ransomware Operational shutdowns; financial losses Backup strategies, incident response plans

Impact of Ransomware on Auto Dealership Operations

Ransomware attacks are a big threat to auto dealerships. They can really hurt a dealership’s ability to keep running. For example, CDK Global was hit hard by a ransomware attack. This attack affected almost 15,000 auto dealers in North America.

Many dealers felt the effects of this cyberattack. Big names like Lithia Motors and Penske Automotive Group had big problems. They had to use old-school methods like spreadsheets to get work done.

Dealership Impact Lithia Motors Operational disruptions Group 1 Automotive Manual processing methods Penske Automotive Group System downtimes Sonic Automotive Customer transaction delays Asbury Automotive Group Inventory management issues AutoNation Financing process disruptions

The BlackSuit group asked for a lot of money after the attack. This shows how important it is for dealerships to have good cybersecurity. Big car companies like Honda and Toyota helped dealerships during this tough time.

Cybersecurity expert Nam Nguyen says being aware of ransomware and having good security plans is key. Without these steps, dealerships could face big financial and operational losses.

The Cybersecurity and Infrastructure Security Agency has data on how big these threats are. The Royal ransomware hit over 350 victims worldwide, asking for over $275 million in ransom. This shows the big impact of these attacks and why the industry must focus on cybersecurity.

Attacks on Connected Vehicles: A Growing Concern

Smart cars and connected vehicle technology are making cars more at risk. Hackers can now easily find ways into these cars through wireless connections. This makes it a big problem for car dealerships.

The UNECE WP.29 Cybersecurity Regulations help keep cars safe from cyber threats. They make sure cars are checked for risks and updated often. They also watch for and deal with attacks.

For example, Fiat Chrysler had to recall 1.4 million cars because hackers could control the brakes and speed. Nissan also had to stop selling its Leaf car because it was vulnerable to hacking.

Now, car makers must get a Certificate of Compliance for their cybersecurity systems. This lasts for three years. It’s because of laws like the SPY Car Act of 2017 and the SELF DRIVE Act. These laws help keep the car industry safe.

The US Department of Transportation (USDOT) has developed the Automated Vehicles Comprehensive Plan to secure connected vehicles from malicious attacks, highlighting the rising priority of safeguarding automotive technology.

Smart cars and apps have led to many recalls and safety issues. The Institute of Electrical and Electronics Engineering (IEEE) says cars’ systems are still not safe. With more money going into car technology, we need to keep up with cybersecurity.

Regulation/Standard Purpose Implementation Body Notable Examples UNECE WP.29 Framework for identifying and managing cybersecurity risks in vehicle design UNECE Fiat Chrysler recall ISO/SAE 21434 Guidance for cybersecurity engineering of road vehicles ISO/SAE International Nissan Leaf vulnerability SPY Car Act of 2017 (S.2182) Regulation of auto industry cybersecurity practices U.S. Federal Government Enhanced privacy standards SELF DRIVE Act (H.R.3388) Overview of automotive industry cybersecurity and privacy U.S. Federal Government Increased compliance for manufacturers Automated Vehicles Comprehensive Plan Securing connected vehicles from attacks USDOT Implementation of cybersecurity measures

Keeping connected cars safe from cyber threats is a big worry. The cost of cyber attacks in 2023 was $11.8 billion. This shows we need strong security in the car industry.

IoT Security Weaknesses in Auto Dealerships

The car industry is getting more digital, thanks to IoT tech. This tech helps dealerships work better but also brings new risks. Dealerships use many IoT devices, from tracking inventory to helping customers. They need strong security for these devices to protect against threats.

Common IoT Vulnerabilities

IoT tech is everywhere in modern car dealerships. But, it also brings more risks. For example, thieves can steal cars without keys because of weak IoT security. Hackers can use old software or unsecured channels to get in. They often use phishing or brute force attacks on these systems.

Here are some scary facts:

  • Automotive cybersecurity incidents went up 99% from 2019 to 2020.

  • API attacks on cars jumped by 380% in 2022, making up 12% of all incidents.

  • In February 2022, a cyberattack shut down Toyota’s Japan plants, stopping 10,000 cars.

  • Denso was hacked in March 2022, losing 1.4 Tb of important data.

These examples show that car dealerships really need to worry about security.

Steps to Secure IoT Devices

To keep IoT devices safe, dealerships need to act fast. Keeping software up-to-date helps fight new threats. Using secure ways to send data, like TLS, stops hackers. Blockchain can also keep transactions safe and check data for changes.

Here are some key steps:

  1. Update IoT devices often to fix security holes.

  2. Put IoT devices on their own network to stop a breach from spreading.

  3. Use strong passwords and multi-factor authentication for IoT devices.

  4. Watch IoT traffic with Network Intrusion Detection Systems (NIDS) for anything odd.

By doing these things, dealerships can lower the risk of cyber attacks. They can also make their operations more reliable and efficient.

Threat Impact Mitigation Keyless Car Theft More cars get stolen Use better encryption and check who you let in API Attacks Data gets stolen, operations stop Check APIs often, control who gets in Ransomware Systems get locked down, lose money Back up data, train employees Phishing Data gets stolen, systems get in trouble Teach employees, use filters

Improving Cybersecurity Practices

To make cars safer online, car dealers need to do more. They should train their staff better, keep their networks safe, and update their digital tools on time. A study by CDK Global found that 90% of dealers think cybersecurity is very or extremely important.

Using outside security experts who know about cars is a good idea. They can help with getting ready for attacks, finding threats, and handling them. Now, 59% of car dealers use these services, up from last year.

Teaching employees how to spot threats like phishing emails is key. This helps fight off attacks that have been a big problem for dealers for years. Training, keeping software up to date, and using more than one way to check who you are can also help.

Some dealers got hit by cyber attacks and lost data, especially sales info. 75% of dealers who updated their security saw better cybersecurity. Most dealers now have someone in charge of keeping things safe online.

Using cloud-based systems for managing dealerships can also boost security. These systems offer more protection, back up data quickly, and watch for threats all the time. This move is part of a bigger trend to use cloud tech for better security against cyber threats.

It’s important to keep learning and updating how dealers handle cybersecurity. Last year, 17% of dealers faced a cyber attack. By focusing on cybersecurity, dealers can keep data safe, avoid downtime, and protect their business from financial losses.

Role of Endpoint Protection and Response (EDR)

As cyber threats get more complex, EDR solutions are key for auto dealerships. They offer real-time monitoring and quick action. This helps dealerships keep their systems and data safe.

What is Endpoint Protection and Response?

EDR technology for dealerships is a set of tools that watch over endpoint security closely. It uses agents on endpoints to look for bad activities or known threats. With ML and AI, EDR spots unusual actions and new threats. It gives real-time and past info on what’s happening on endpoints.

Key features of EDR include:

  • Automated remediation: It fixes threats on its own, saving time and resources.

  • Behavioral analytics: It finds odd actions and threats by using advanced models.

  • Vulnerability management: It finds and fixes weak spots before they’re used by hackers.

  • Threat intelligence integrations: It uses the latest threat info to stay ahead.

  • Device monitoring and control: It checks USB devices and other peripherals for danger.

Benefits of EDR in Auto Dealerships

Using EDR in dealerships has many benefits:

  1. Enhanced Threat Detection: EDR can spot complex attacks, catching hidden threats. It’s expected to grow from USD 2.65 Billion in 2023 to USD 9.50 Billion by 2030.

  2. Rapid Response: Security teams can set up automatic fixes, making quick work of threats. This boosts endpoint security.

  3. Cost Savings: EDR cuts down the cost of security incidents and avoids fines, saving money.

  4. Simplified Compliance: EDR helps meet rules like HIPAA and GDPR by watching for suspicious actions and handling data right.

  5. Proactive Security Management: EDR lowers risks by finding and fixing vulnerabilities early, cutting down insider threats and boosting security.

EDR technology also helps small security teams by automating threat detection and fixing. This lets them work better with less resources. As more dealerships use it, they can fight cyber threats better and keep their operations safe.

Feature Description Automated Remediation It fixes threats automatically, cutting down on manual work and time. Behavioral Analytics Uses ML to spot odd behavior, helping find threats better. Vulnerability Management Finds and fixes weak spots before hackers can use them. Threat Intelligence Integrations Uses the latest threat info to stay ahead of threats. Device Monitoring and Control Keeps an eye on and controls external devices to stop malware.

The Importance of Regular Security Audits

In today’s world, it’s key for auto dealerships to do security audits in cyber security planning often. These checks help find and fix problems before bad guys can use them. For instance, in 2015, hackers got into a Jeep Cherokee’s system through its Uconnect system. This shows how important strong security is.

Phishing attacks are a big problem, aiming to get dealership staff to share important info. Doing regular security checks helps keep systems and processes safe and current.

Ransomware attacks can cause big money losses and slow down work. That’s why doing dealership risk assessment often is a must. These checks spot weak spots in security that could be used by ransomware. This lets dealers take action early to protect important data.

Data breaches can hurt a dealership’s good name and lead to legal trouble. Doing deep security checks makes sure data like financial info is safe and private.

Threats from inside the company are a big worry. Checks should include making sure employees only have access they need and training them well. This helps lower the chance of problems from within.

One cyber attack can cost a lot, with bills for fixing things, legal help, and lost sales. By spending on security audits in cyber security planning, dealers can stop problems before they start. This keeps their money safe and their business running smoothly.

According to cybersecurity experts at Dealer Essential, regular security audits use industry-standard tools and methodologies to ensure optimal data security.

Checks also show the need for multi-factor authentication (MFA). This extra step makes it harder for hackers to get in by asking for more proof of who you are. It really cuts down on unauthorized access.

Also, having a good plan for when cyberattacks happen helps dealers deal with them fast and well. This lessens the damage and gets things back to normal quicker.

Security audits are an ongoing task. Dealerships need to work with vendors and services that follow strict security rules. This makes sure their security is strong and up to date.

Vulnerabilities Identified Preventative Measure Outcome IoT System Weakness Regular Security Audits Secured Connected Devices Phishing Attempts Employee Training Programs Reduced Data Breaches Ransomware Threats Advanced Antivirus and IDS/IPS Minimized Financial Losses Data Encryption Gaps Regular Encryption Key Updates Protected Customer Information

By using security audits in cyber security planning and dealership risk assessment, auto dealers can make their defenses stronger. This keeps their work and customers safe.

Adapting the Zero Trust Security Model

Auto dealerships are now using the Zero Trust security model to protect their digital spaces. This model says no one, inside or outside the network, is always safe. With new rules coming in 2024, dealerships are changing to keep up, making it key to update their security.

Adding Zero Trust means you must check who and what is allowed in. It’s about finding the right balance between keeping things safe and keeping things running smoothly. Ruben Lobo says OT assets often don’t have good security checks. This shows dealerships need to improve their security.

The ISA/IEC 62443-3-3 standard suggests using zones and conduits for better network security in OT/ICS areas. This is important for dealerships to improve their security. ZTNA (Zero Trust Network Access) is a new way to keep data safe by only letting people see what they need to see, based on who they are and why they need it.

Qiang Huang talks about the need to protect old systems in OT areas to keep things running well and safely. Kevin Kumpf says even though more people know about zero-trust, it’s hard to put it into action. They struggle with keeping things running smoothly and safely. Putting zero trust into old systems needs teamwork between IT and OT teams and a step-by-step plan to avoid problems.

“ZTNA ensures remote users can access specific resources only at designated times, offering a robust alternative to traditional VPNs,” highlighted Dave Purdy, emphasizing strategic controls to enhance overall security.

The Zero Trust model uses many signals from six main areas: identities, endpoints, network, data, apps, and infrastructure. It relies on real-time checks from threat systems to make sure policies work well. This quick action is key because cyber threats happen fast.

Element Signals Policy Enforcement Identities User role, location Access control based on role and location Endpoints Device compliance Authorization based on device health Network Connection type Segmented access controls Data Data sensitivity Encryption and access restrictions Apps Application sensitivity User-specific access limits Infrastructure Environment capabilities Runtime controls on serverless, containers, IaaS, and PaaS

As dealerships update their security, they need to make sure these changes work well together. Classifying, labeling, and encrypting data is key to keeping it safe. Using data to check and improve security helps make a strong defense. By using Zero Trust, dealerships can make their security much stronger, ready for more and more cyber threats.

Enhancing Cybersecurity Training for Dealership Staff

It’s very important to teach dealership staff about cybersecurity education. This helps them know how to spot and stop cyber threats like phishing scams. Having a strong cyber threat awareness in the whole team can really help.

Key Elements of Effective Training Programs

Good training needs to focus on a few important things. First, it should teach staff about recognizing threats, how to act safely, and what to do in an emergency. This is key because most cyber attacks start with phishing or social engineering.

It’s also important to keep training up to date. Staff need to learn about new security threats and how to deal with them. Working with experts like Fisch Solutions can help make training fit the dealership’s needs.

Dealerships should also do regular security checks and practice responding to emergencies. These steps are important for being ready for cyber threats. Experts in both the car and tech worlds agree on this.

Challenges in Cybersecurity Training

Even though cyber threat awareness is crucial, there are big challenges. The car industry has a lot of staff turnover, making it hard to keep training going. Also, not all staff are the same when it comes to tech skills, which makes training harder.

Keeping staff interested and remembering what they learn is another big challenge. Using real stories and interactive lessons can help. Showing how cyber attacks can affect dealerships, like the recent big disruptions, can make the need for security clear.

These challenges show why training needs to be ongoing and flexible. Doing this can help avoid big losses, both in money and reputation. Experts like Dara Warn and Joshua Smith from INE Security say this is key. Good training programs are vital for making cybersecurity a part of dealership culture.


As we move into 2024, protecting your car dealership from cyber threats is very important. Over 90% of cyber attacks start with phishing emails, says the Cybersecurity & Infrastructure Security Agency (CISA). It’s key to know and fix these weak spots.

Car dealers face many threats, like ransomware and supply chain issues. A strong cybersecurity plan for dealerships means understanding these risks. It also means taking steps to fight them.

Ransomware attacks are on the rise in the car industry. About 64% of businesses get hit by one, and 79% pay the ransom. To fight back, your dealership must follow strict cybersecurity rules. This includes training employees, using the latest tech, and having a plan for emergencies.

Protecting car dealers from cyber threats takes a lot of effort. It means knowing the risks and acting fast. This includes doing security checks, training on cybersecurity, and working with experts.

By being careful and taking action, you can keep your dealership safe and ahead in the digital world. Stay strong and keep your business secure.


What are the top 5 cyber threats facing auto dealerships in 2024?

The top 5 cyber threats for auto dealerships in 2024 are ransomware attacks, email phishing scams, social engineering tactics, IoT device vulnerabilities, and attacks on connected vehicles.

Why is the cybersecurity risk landscape increasing for auto dealerships?

The risk is rising because auto dealers have lots of customer data and do big financial deals. They also use a lot of digital tech. This makes them a good target for cyber attackers.

What recent cyberattacks have targeted auto dealerships?

Recent attacks hit Eagers Automotive in Australia, Arnold Clark in Europe, and the Holdcroft Group in the UK. They were all hit by ransomware.

What is the impact of ransomware on auto dealership operations?

Ransomware can really hurt a dealership’s money and work. It can cause downtime, make employees wait for pay, and cost a lot to fix and get back to normal.

How are connected vehicles vulnerable to cyber threats?

Connected cars are at risk because they use wireless and internet connections. This lets hackers steal data or take control of the car.

What common IoT vulnerabilities do auto dealerships face?

Dealerships often face IoT risks because many devices aren’t made with good security. This makes networks easy to hack.

How can auto dealerships improve their cybersecurity practices?

Dealerships can get better at security by training staff more, keeping networks separate, updating tech, and using outside security experts for cars.

What is Endpoint Detection and Response (EDR) and its benefits for auto dealerships?

EDR watches and acts on endpoints to stop cyber threats. It helps find and stop complex attacks, making cars safer for dealerships.

Why are regular security audits important for auto dealerships?

Doing security checks often helps find and fix problems before hackers can use them. It keeps a dealership’s security strong.

What is the Zero Trust security model and how does it benefit auto dealerships?

The Zero Trust model says no one or thing is trusted right away. It makes sure everyone and everything is checked closely. This makes data much safer.

What are the key elements of effective cybersecurity training programs for dealership staff?

Good training teaches staff to spot threats, act safely, and handle crises. It also tackles the issue of staff leaving and having different skills.