How to protect your car dealership from cyber-attacks

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. 

Recent trends show that car dealerships are becoming a prime target for cyber-attacks, partly due to the rise in autonomous and connected vehicles. This is in addition to more traditional attacks such as phishing. Therefore, car dealerships are urged to take measures to improve their cybersecurity posture. 

Throughout this article, we will focus on how to protect your car dealership from cyber-attacks, from technological solutions to raising staff awareness, and more. 

Why are car dealerships being targeted by cybercriminals?

Car dealerships collect a significant amount of data which is often stored on-site. This data includes things like names, addresses, email addresses, phone numbers, and perhaps more importantly, financial information such as bank details and social security numbers. Gaining access to this database can be very lucrative for criminals. 

A cybercriminal’s life is also made much easier if a car dealership uses outdated IT infrastructure and lacks sufficient processes in terms of protecting employee login details. 

How are car dealerships vulnerable to cyber-attacks?

Before we discuss how to protect your car dealership from a cyber-attack, it is important to know what makes a car dealership vulnerable, and what sort of attacks it could be subjected to. 

  • Open Wi-Fi networks - Many car dealerships have open Wi-Fi networks for their customers to use freely. However, this provides an opportunity for hackers who can potentially access other areas of the network that store sensitive data.
  • Malware - Malware is possibly the most likely form of cyber-attack, targeting individuals within your organization with malicious email attachments that execute software onto the victim’s device. This software can then grant the attacker remote access to the system.
  • Phishing - Phishing emails are much more sophisticated than they used to be, appearing much more legitimate, and targeting individuals within the company. If an email seems suspicious or is from an unknown contact, then it is advised to avoid clicking any links.
  • User error - Unfortunately, anyone working for the car dealership, even the owner, could pose a risk to security. Perhaps using lazy passwords, or not storing log-in details in a safe place. This is why cyber security training is now becoming mandatory at most businesses. 

The consequences of cyber-attacks on car dealerships

If a small-to-medium-sized car dealership is the victim of a cyber-attack, then it can have a much bigger impact than just a short-term financial loss. Many smaller businesses that suffer a data breach are said to go out of business within six months of such an event, losing the trust of their customer base, and failing to recover from the financial impact.

Research suggests that most consumers would not purchase a car from a dealership that has had a security breach in the past. Failing to prevent a cyber-attack and a criminal from gaining access to customer information is extremely detrimental to a business’s public image. 

How to protect your car dealership from cyber-attacks

Regardless of whether you already have security measures in place, it is always advised to assess how they can be improved and constantly be on the lookout for vulnerabilities within the organization.

In this section, we will discuss how to improve cyber security within a car dealership, breaking down the process into three key stages. 

Stage one - Implementing foundational security

Establishing strong foundational security is key to the long-term protection of your business. When creating your foundational security strategy you should focus on 7 main areas.

1. User permissions 

Ensure administrative access is only provided to users who need it as granting unnecessary permissions to standard users creates numerous vulnerabilities. Ensure that only the IT administrator can install new software and access secure areas. 

2. Multi-factor authentication 

Multi-factor authentication (MFA) means more than just a traditional username and password system. Once the log-in details have been entered, users will also need to enter a PIN that can be randomly generated on their mobile phone, or issued periodically by the administrator.

For added protection, you could also implement a zero-trust strategy

3. Data backup recovery processes

The effects of ransomware attacks can be sometimes be avoided if important files are regularly backed up, such as each morning. Once stored, there should also be procedures in place to quickly restore this data to minimize any downtime. 

4. Firewalls and other security software

Many car dealerships continue to use older firewall software and outdated security services. Newer, next-generation firewalls offer much more protection, securing even the deepest areas of the network while being more effective at identifying threats. 

5. Endpoint protection 

The endpoint refers to a user’s mobile device or computer that may be targeted by attacks such as phishing emails. Endpoint protection can help secure these devices, identifying malware and preventing it from spreading to other parts of the network.

Many businesses are also choosing to protect their phone systems by using a cloud solution.

6. Email gateways

Similar to the above, email and web scanning software is essential to protect data and business operations. This can identify threats and warn users to prevent them from clicking on links or opening suspicious attachments. 

7. Email Training

IT departments in many businesses regularly test their workforce by sending fake phishing emails to see how employees respond. If the correct actions are not taken, then the individual can be given cyber security training to raise their awareness so that they take appropriate action in the future. 

Stage two - Security processes

Once all of the above has been assessed and the necessary course of action has been taken, it is time to think about the critical security processes that need to be implemented. These are vulnerability management, incident response, and training. 

1. Vulnerability management 

Firstly, an inventory of your assets (software and devices) needs to take place so you know what needs to be protected. Once this has been done, all software should be checked to determine if it has been patched with the latest update practical.

Finally, vulnerability scans should be run on a monthly or quarterly basis. This can be done via penetration testing or an internal network scan. 

2. Incident response

Policies should be drafted in the case of an incident or data breach. This can help ensure the correct course of action will be taken in terms of contacting necessary internal and external parties. Numerous people should also be trained to respond to an incident should a key individual (such as the IT manager) be unavailable. 

Network analysis needs to take place immediately after an incident, whether this is in-house or externally. This is necessary for insurance purposes.

3. Training

Cybersecurity and Acceptable Use policies need to be created so everyone knows what needs to be done in the event of a breach. This includes defining what everyone’s responsibilities are. This can be combined with thorough security training to increase awareness. 

Stage three - Ongoing security activities

To ensure your business is protected at all times, it is vital that your IT team is on top of things and you do not rest on automated tasks and policies. 

Key activities include:

  • Using an encrypted email solution
  • Employing a VPN for remote workers to encrypt the connection
  • Mobile device security, management, and protection 
  • On-going monitoring, risk assessments, and sticking to best practices. 

Protecting your car dealerships from cyber-attacks - summary

Car dealerships are being targeted by cybercriminals who see them as an opportunity to steal sensitive information and financial details. This can be done in multiple ways including phishing scams and malware.

To tackle this, car dealerships must evaluate their cybersecurity, focusing on three key areas, the business’ foundational security, implementing security processes, and performing key security activities on an ongoing basis. 

Article Link: How to protect your car dealership from cyber-attacks | AT&T Cybersecurity