The auto sales industry is currently suffering a series of crippling cyber attacks, highlighting a worrying trend of increasingly sophisticated and devastating cyber threats. CDK Global, a software provider to approximately 15,000 car dealerships, is the latest victim of this attack, which has disrupted operations for several days.
This follows similar incidents earlier this year. In May, a cyberattack at Ascension, a nonprofit network of 140 hospitals, caused ambulances to be diverted from several hospitals and took nearly a month to resolve. In February, a ransomware attack on Change Healthcare, a subsidiary of UnitedHealth Group, caused billing disruptions at pharmacies across the country and threatened to put some healthcare providers out of business.
Cybersecurity experts warn that hackers are becoming increasingly patient and sophisticated, often hiding undetected within an organization's systems for extended periods before launching their attacks. They are also increasingly targeting companies in a supply chain-style attack, making more money by wiping out entire industries. Industries that often use outdated systems, such as healthcare, are particularly vulnerable.
Eric Noonan, CEO of cybersecurity provider CyberSheath, explains that ransomware attacks often break through channels like a phishing email and can go undetected for days or even weeks. The actual deployment of ransomware is often rapid and widespread, with most victims only realizing they've been hacked when they lose access to important files or receive digital ransom notes.
The shift to cloud-based and third-party systems, while beneficial to day-to-day business operations, has also increased susceptibility to general hackers. Hackers are focusing their efforts on organizations that serve the supply chain of industries. For example, by attacking CDK's software, hackers were able to shut down the car dealership industry.
Despite hackers' growing influence, experts warn that success in paying a ransom and quickly recovering is elusive. Noonan argues that the problem isn't necessarily that hackers are getting more advanced, but that many organizations lack modern, up-to-date systems and don't conduct incident response exercises, resulting in longer recovery times from these massive pirates.
As systems become more interconnected, businesses can only do so much to maintain their cybersecurity, especially when relying on third-party systems. Experts suggest that organizations can best protect themselves by using third-party expertise, implementing systems that can look at security across their business and advocating for mandatory minimum cyber security requirements for publicly traded companies. stock market
English 
Español de Venezuela