Dealerships Vulnerable to Hack Attacks

by Jim Leman, Dec. 31, 2014 - Wards Dealer Business

Malware can steal customer social security numbers from finance and insurance department computers.

With malware known as Keylogger placed into a finance and insurance computer by a hacker, a cyberthief may capture every social security number you type in.

The malicious invader transmits to the thief every 3-digit, 2-digit, 4-digit keystroke pattern for SSNs.

Computer-security experts say most dealership networks lack even some of the most basic security protection to prevent such theft. Off-the-shelf antivirus and anti-malware software, while helpful, don’t adequately protect against today’s aggressively creative cybercriminals.

“Without a network protected against hackers, dealers simply give away critical and potentially damaging information from their stores,” said Tony Petcou, a channel manager with Nuspire Networks, a security services provider based in Michigan.

Hacking damage can range from loss of critical business and customer data to loss of business and customer loyalty.

Besides hackers inserting dangerous malware like Keylogger they can also insert into the network a ransom Trojan called CryptoLocker. This malware locks up servers and shuts down the business. Removing it can take days or more.

Many dealerships are attractive targets for cybercriminals, Petcou says. One reason is the victim’s overall dismissal of the threat.

“About 80% of dealerships lack sophisticated network protection because they lack the expertise, resources and often the desire to do anything about it,” he says.

“Too frequently they falsely believe they’re too small of a target for hackers. A business like Target may be a big fish, but a hacker can scoop vast numbers of critical personal and financial data from hundreds of auto dealerships more easily and more quickly.”  

He adds that 40% of dealerships’ computers use the Windows XP operating system, a system that leaves these computers vulnerable to hacking.

A PricewaterhouseCoopers Cybercrime Security survey notes, “The coming year could bring a new wave of (security) strikes on industries that have not migrated critical systems from Windows XP…”

Nearly 30% of survey respondents consider insider cybercrime as an issue.

Increase use of mobile devices in F&I can infect dealership networks if allowed to be taken off site and connected to home or public Wi-Fi hotspots. “This is a huge, huge risk,” Petcou says.

As a precaution, dealership Wi-Fi networks should be segmented into in-store hotspots from the main network to thwart such cross infection, he says.

He also advises dealers to:

  • Understand their business and the regulations that apply, in particular the Gramm-Leach-Bliley Act. The Federal Trade Commission requires dealers to comply with its Safeguards Rule to protect customer personal information.
  • Understand security risks. Consider having a network assessment done to probe for weaknesses so you can remediate.
  •  Educate employees not to share passwords or other confidential system information with anyone. Monitor employee computer use.

Jim Leman writes about automotive retail operations from Grayslake, IL. Reach him at

Views: 146


You need to be a member of to add comments!


Comment by Tom Gorham on January 6, 2015 at 12:12pm

Always great to read your articles Jim.  This one is very important.  Nice to see the reference to Nuspire since we use them for security.

Comment by Michael Baker on January 5, 2015 at 7:50pm

10-4 Don. Most will not 'act' until a few dealers get 'hit', unfortunately.

Comment by DON GRAFF on January 5, 2015 at 5:38pm

Hi Jim, you interviewed me way back in 2005.I found your article to be very timely. From my experience most dealerships do not recognize the vulnerability.

dE Sponsor

Latest Activity

Tony Provost posted a video
9 hours ago
Black Book posted a blog post

Broad Declines in the Market

Welcome to this week's edition of Black Book Market Insights, with in-depth analysis of used car…See More
13 hours ago
Jim Flint posted a blog post
15 hours ago
Bill Wittenmyer posted a video

Witt's Wise Words: Does Your Team Understand Your Goals?

VP of Sales, CDK Global, Bill Wittenmyer explains the importance of communicating your goals effectively to your team in this episode of Witt's Wise Words.
Mike Esposito posted a blog post

Auto/Mate Announces West Coast Expansion

New customer support and installation teams in Arizona will accommodate growing demand from auto…See More
Scot Eisenfelder posted a blog post

Affinitiv CEO Scot Eisenfelder Shines Spotlight on 5 Industry Disruptors Affecting Auto Dealers in 2019

Chicago, IL- January 14, 2018- Affinitiv CEO Scot Eisenfelder is shining a spotlight on five…See More
John Sternal posted a blog post

Lease Credit Approval Rates Rise to 71.4% to Close Out 2018

Lease Approval Ratings in December Reach Their Highest Number Since, the…See More
Tony Provost posted a video

de sponsor

Get Newsletter

dE Sponsor

© 2019   Created by DealerELITE.   Powered by

Badges  |  Report an Issue  |  Terms of Service