Yago Paramo

Automotive Entrepreneur

Auto dealers be aware of Ransomware

AAEAAQAAAAAAAAmUAAAAJDc0Y2U3NmY3LTlmMmMtNDBhMC05ZWVlLTYwMDM1YzFlOTA3MQImage Credit NBC News, KACPER PEMPEL / Reuters

Now that we are over the fact that US auto dealerships will pay a little bit more in 2017 for DMS (Dealer Management system) access due to security reasons you must make yourself familiar with Cryptolocker (ransomware) so you can ask the right questions when protecting your dealership files.

I should add for the record of the DMS access saga that in recent events some companies believe that data restriction is a business control move by Reynolds & Reynolds and CDK (ADP). It is for sure that data access and security will be a topic for 2017. Thanks to Cliff Banks for the article.

Back to Cryptolocker, in the words of Thomas Wenger, an automotive dealership cyber security expert based in Seattle;

“Cryptolocker has been an increasing issue for auto dealerships. This destructive ransomware encrypts files so the dealer is forced to either restore from backups which often are not properly maintained or in place, or to pay up and hope to receive their files back intact. This ransomware easily infects systems from infected webpages, or from phishing emails. The emails often come to everyone in the dealership, and will resemble legitimate emails you would often receive at a dealership, such as financing notices, deliveries, or potential leads.”

The monetary end of the ransomware attack is a tremendous enticement for an increase in sophistication in the attacks.

I asked Mr. Wenger to share a couple stories he has dealt with:

“Recently a Cadillac dealership had a particularly nasty ransomware incident when the service manager, who is fairly computer savvy, from a simple email attachment he soon found his entire PC, as well as some network attached folders all were encrypted. The price to buy the freedom of 10 years’ worth of service files? $1000.00.

Another large dealership finance manager landed on the wrong fantasy football site and soon his system was notifying him that his files were locked and payment would be required to release them, while nothing on his system was particularly valuable it did make its way to the main file server which was. The file delivery portion of the ransomware failed, so even if the dealer wanted to pay the fee they were unable in this case, costing them weeks of time rebuilding lost files.”

With the average large dealership between mobile devices, PCs, and other tools has literally hundreds of devices and email addresses to act as points of entry into a network. With a lot of dealerships backup services not often or not properly maintained this is the first type of virus/ransomware that has proven to a major issue for the average dealer.

Ransomware attacks are brave enough to have infected police department systems and ask them for money. In a recent NBC News article a police department is cited saying “We Are Cops. We Generally Don’t Pay Ransoms” showcasing the frustration they may have felt. Hospitals haven’t been any safer so far. See the trend? High value small businesses without large IT support staff.

Things you can do to protect your business:

  • Have a good data backup plan
  • Have an updated malware system in place
  • Have a written download/open file policy
  • Have an URL blocker or a non-business URL (website) visitor policy

Yago Paramo. VP of Business Dev. [email protected]

Thomas Wenger, Owner of Technology Portal, is a 14 year veteran of the IT industry with a focus on auto dealerships and the businesses that support them. He acts as IT consultant, network engineer and technician to over 100 dealerships, and advises and deals with ransomware cases on a regular basis. You can ask him questions at [email protected]

Yago Paramo, VP of Business Development, is a 15 year veteran of the automotive industry with a focus on inventory, website presence, SEO, and SEM. He acts as consultant to over 1,000 dealerships, and advises and deals with marketing needs on a regular basis. You can ask him questions at [email protected]