Back to Paper and Pen? A Growing Trend in Ransomware Disrupting Operations Across the Automotive Ecosystem

ELAD ROBB

Director of Cyber Threat Intelligence

June 25, 2024

In a troubling turn of events, a key player in the automotive retail technology sector, has fallen victim to a ransomware attack. The attack, allegedly attributed to a well-known ransomware group, resulted in significant disruptions, impacting over 15,000 automotive dealership locations and their operations across North America. This incident not only underscores the vulnerabilities within critical supply chains but also draws alarming parallels to a previous ransomware attack on a company integral to global fleet management and asset tracking.

US dealership software provider suffers a massive ransomware attack

In mid June 2024, a US SaaS provider for car dealerships, renowned for providing integrated data and technology solutions to automotive retailers, experienced an outage caused by a ransomware attack. The breach has disrupted various services, leading to operational delays for dealerships relying on the company’s software for their day-to-day operations and forced a return to manual processes. As reported by Bloomberg News, the ransom demand was $10 million. However rumors on X (Twitter) reported the demand was raised to $50 million.

This attack also demonstrates the impact on OEM and the extended risk landscape. Dealership downtime is likely to result in postponed deliveries, limited visibility into warranty and repairs as well as required parts. Furthermore, as OEM backend systems are closely connected to dealership systems, primarily via APIs, this attack may also compromise OEMs directly.

While the company reported to be working diligently to restore services and mitigate the damage, this incident highlights the severe impact that cyber attacks can have across the automotive industry’s value chain.

US telematics IoT vendor was also recently hit by operational disruption due to a ransom attack

The June 2024 attack comes not long after a similar ransomware incident involving a US telematics IoT vendor. In September 2023, a company that offers driver logging and inventory management solutions for the commercial fleets, faced a debilitating ransomware attack. This breach caused substantial outages, affecting fleet management and asset tracking for numerous trucking companies. This attack disrupted logistics and supply chains, demonstrating the far-reaching consequences of such cyber threats.

Connecting the dots: the automotive ecosystem is a prime target for large-scale attacks

These two ransom attacks reveal a disturbing trend where cybercriminals target crucial nodes in the supply chain. These incidents highlight several key issues:

  1. Vulnerability of critical infrastructure: both victims provide essential services to their respective industries. The disruption caused by these attacks underscores the vulnerability of critical infrastructure and the cascading effects on dependent businesses.
  2. Increased sophistication of ransomware attacks: the use of sophisticated ransomware indicates that cybercriminals are becoming more adept at exploiting weaknesses in cybersecurity defenses, causing widespread operational disruptions.
  3. Need for robust cybersecurity resilience: these incidents stress the importance of robust cybersecurity measures and incident response plans. Companies must prioritize cybersecurity to protect their systems and ensure business continuity.

These recent ransomware attacks serve as stark reminders of the growing cybersecurity threats facing industries today. Upstream’s cyber threat intelligence team constantly monitors malicious actors and ransom groups, including the group that recently targeted the dealership software company. As cybercriminals continue to target key supply chain entities, it is imperative for companies to enhance their cybersecurity posture, invest in advanced security solutions, and foster a culture of vigilance. Only through comprehensive cybersecurity strategies and ongoing assessments and education can businesses hope to safeguard their operations against the ever-evolving landscape of cyber threats.

Newsletter Icon

The 2024 Global Automotive Cybersecurity Report

Newsletter Icon

Subscribe
to our newsletter

Stay up-to-date on the latest trends, emerging risks, and updates

The US Commerce Department Finalizes The New Cyber Rule, Reshaping Automotive Supply Chains

In a landmark decision to bolster national security, the US Department of Commerce has finalized a new rule aimed at safeguarding the supply chains of…

Read more

Behind the Wheel of a Data Breach: The Power of Contextual API Security for Connected Vehicles

In late December 2024, one of largest global OEMs became the center of attention due to a significant data breach impacting over 800,000 customers across…

Read more

Proactive Detection of After-sales Vehicle Quality Defects: Insights from Recent Recalls

Recent recalls in the automotive industry underscore the importance of connected vehicle data in identifying and addressing potential safety issues before they escalate. OEMs can…

Read more

Redefining Quality in the Connected Vehicle Era: Upstream and Gary Silberg Join Forces

We are excited to announce another great industry thought leader joining our journey. Gary Silberg, an automotive executive and former Global Head of Automotive at…

Read more
Skip to content