Dealerships Vulnerable to Hack Attacks

by Jim Leman, Dec. 31, 2014 - Wards Dealer Business

Malware can steal customer social security numbers from finance and insurance department computers.

With malware known as Keylogger placed into a finance and insurance computer by a hacker, a cyberthief may capture every social security number you type in.

The malicious invader transmits to the thief every 3-digit, 2-digit, 4-digit keystroke pattern for SSNs.

Computer-security experts say most dealership networks lack even some of the most basic security protection to prevent such theft. Off-the-shelf antivirus and anti-malware software, while helpful, don’t adequately protect against today’s aggressively creative cybercriminals.

“Without a network protected against hackers, dealers simply give away critical and potentially damaging information from their stores,” said Tony Petcou, a channel manager with Nuspire Networks, a security services provider based in Michigan.

Hacking damage can range from loss of critical business and customer data to loss of business and customer loyalty.

Besides hackers inserting dangerous malware like Keylogger they can also insert into the network a ransom Trojan called CryptoLocker. This malware locks up servers and shuts down the business. Removing it can take days or more.

Many dealerships are attractive targets for cybercriminals, Petcou says. One reason is the victim’s overall dismissal of the threat.

“About 80% of dealerships lack sophisticated network protection because they lack the expertise, resources and often the desire to do anything about it,” he says.

“Too frequently they falsely believe they’re too small of a target for hackers. A business like Target may be a big fish, but a hacker can scoop vast numbers of critical personal and financial data from hundreds of auto dealerships more easily and more quickly.”  

He adds that 40% of dealerships’ computers use the Windows XP operating system, a system that leaves these computers vulnerable to hacking.

A PricewaterhouseCoopers Cybercrime Security survey notes, “The coming year could bring a new wave of (security) strikes on industries that have not migrated critical systems from Windows XP…”

Nearly 30% of survey respondents consider insider cybercrime as an issue.

Increase use of mobile devices in F&I can infect dealership networks if allowed to be taken off site and connected to home or public Wi-Fi hotspots. “This is a huge, huge risk,” Petcou says.

As a precaution, dealership Wi-Fi networks should be segmented into in-store hotspots from the main network to thwart such cross infection, he says.

He also advises dealers to:

  • Understand their business and the regulations that apply, in particular the Gramm-Leach-Bliley Act. The Federal Trade Commission requires dealers to comply with its Safeguards Rule to protect customer personal information.
  • Understand security risks. Consider having a network assessment done to probe for weaknesses so you can remediate.
  •  Educate employees not to share passwords or other confidential system information with anyone. Monitor employee computer use.

Jim Leman writes about automotive retail operations from Grayslake, IL. Reach him at

Views: 160


You need to be a member of to add comments!


Comment by Tom Gorham on January 6, 2015 at 12:12pm

Always great to read your articles Jim.  This one is very important.  Nice to see the reference to Nuspire since we use them for security.

Comment by Michael Baker on January 5, 2015 at 7:50pm

10-4 Don. Most will not 'act' until a few dealers get 'hit', unfortunately.

Comment by DON GRAFF on January 5, 2015 at 5:38pm

Hi Jim, you interviewed me way back in 2005.I found your article to be very timely. From my experience most dealerships do not recognize the vulnerability.

© 2020   Created by DealerELITE.   Powered by

Badges  |  Report an Issue  |  Terms of Service