Dealerships Vulnerable to Hack Attacks

by Jim Leman, Dec. 31, 2014 - Wards Dealer Business

Malware can steal customer social security numbers from finance and insurance department computers.

With malware known as Keylogger placed into a finance and insurance computer by a hacker, a cyberthief may capture every social security number you type in.

The malicious invader transmits to the thief every 3-digit, 2-digit, 4-digit keystroke pattern for SSNs.

Computer-security experts say most dealership networks lack even some of the most basic security protection to prevent such theft. Off-the-shelf antivirus and anti-malware software, while helpful, don’t adequately protect against today’s aggressively creative cybercriminals.

“Without a network protected against hackers, dealers simply give away critical and potentially damaging information from their stores,” said Tony Petcou, a channel manager with Nuspire Networks, a security services provider based in Michigan.

Hacking damage can range from loss of critical business and customer data to loss of business and customer loyalty.

Besides hackers inserting dangerous malware like Keylogger they can also insert into the network a ransom Trojan called CryptoLocker. This malware locks up servers and shuts down the business. Removing it can take days or more.

Many dealerships are attractive targets for cybercriminals, Petcou says. One reason is the victim’s overall dismissal of the threat.

“About 80% of dealerships lack sophisticated network protection because they lack the expertise, resources and often the desire to do anything about it,” he says.

“Too frequently they falsely believe they’re too small of a target for hackers. A business like Target may be a big fish, but a hacker can scoop vast numbers of critical personal and financial data from hundreds of auto dealerships more easily and more quickly.”  

He adds that 40% of dealerships’ computers use the Windows XP operating system, a system that leaves these computers vulnerable to hacking.

A PricewaterhouseCoopers Cybercrime Security survey notes, “The coming year could bring a new wave of (security) strikes on industries that have not migrated critical systems from Windows XP…”

Nearly 30% of survey respondents consider insider cybercrime as an issue.

Increase use of mobile devices in F&I can infect dealership networks if allowed to be taken off site and connected to home or public Wi-Fi hotspots. “This is a huge, huge risk,” Petcou says.

As a precaution, dealership Wi-Fi networks should be segmented into in-store hotspots from the main network to thwart such cross infection, he says.

He also advises dealers to:

  • Understand their business and the regulations that apply, in particular the Gramm-Leach-Bliley Act. The Federal Trade Commission requires dealers to comply with its Safeguards Rule to protect customer personal information.
  • Understand security risks. Consider having a network assessment done to probe for weaknesses so you can remediate.
  •  Educate employees not to share passwords or other confidential system information with anyone. Monitor employee computer use.

Jim Leman writes about automotive retail operations from Grayslake, IL. Reach him at jimleman@gmail.com

Views: 138

Comment

You need to be a member of DealerELITE.net to add comments!

Join DealerELITE.net

Comment by Tom Gorham on January 6, 2015 at 12:12pm

Always great to read your articles Jim.  This one is very important.  Nice to see the reference to Nuspire since we use them for security.

Comment by Michael Baker on January 5, 2015 at 7:50pm

10-4 Don. Most will not 'act' until a few dealers get 'hit', unfortunately.

Comment by DON GRAFF on January 5, 2015 at 5:38pm

Hi Jim, you interviewed me way back in 2005.I found your article to be very timely. From my experience most dealerships do not recognize the vulnerability.

About

DealerELITE created this Ning Network.

Blog Posts

TheoryOf5 Podcast

Posted by DealerELITE on November 18, 2017 at 11:31am 0 Comments

Check out The TheoryOf5 Podcast
With Chris Saraceno

https://www.facebook.com/CBSaraceno/posts/741647642696564



TheoryOf5.com

SWAPALEASE.COM SURVEY ON INCENTIVES SHOWS MORE DEALERS INCREASING INCENTIVES ON LEASES IN 2017

Posted by John Sternal on November 17, 2017 at 2:27pm 0 Comments

Swapalease.com, the nation’s largest online car lease marketplace, today unveiled results of its latest survey on incentives, with dealers saying they’re…

Continue

El Segundo car accident lawyer

Posted by Samuel on November 17, 2017 at 5:00am 0 Comments

El Segundo Personal Injury

You should never need to experience after your El Segundo auto crash due to the neglect of an additional. An accident lawyer experienced in assisting victims of vehicle collisions in El Segundo gets you the compensation you are…

Continue

Serent Capital Invests in CallRevu, Automotive’s Top Performing Call Management Solution

Posted by DealerELITE on November 16, 2017 at 6:23pm 0 Comments

Serent Capital Invests in CallRevu, Automotive’s Top Performing Call Management Solution



Baltimore, MD – November 16, 2017 – CallRevu, a leading provider of automotive dealer call management software that delivers dealership customers… Continue

de sponsor

Get Newsletter

dE Sponsor

© 2017   Created by DealerELITE.   Powered by

Badges  |  Report an Issue  |  Terms of Service