The invasion of Ukraine by neighboring Russia could trickle into the US in a different kind of warfare: cyberattacks. An initiative called “Shields Up” has been enacted to defend against cyberattacks on critical infrastructure as intelligence believes Russia could begin targeting the US for assisting in Ukraine and speaking against the Kremlin. 

While Shields Up is focused on protecting systems of national security and interest, the threat of Russian hackers – or any hackers of that matter – can illuminate risk closer to home. A recent survey of 1,200 small and medium-sized businesses (SMBs) conducted by CyberCatch revealed that only one in four could survive a ransomware attack for longer than seven days. Barely more than half could make it more than three days.

The demographic did not specifically identify dealerships, although they would fit within sectors like retail or transportation, both with similar response rates. Less than half of the companies surveyed in those areas test for phishing among employees. Less than two-thirds of SMBs in these sectors have a written Incident Response Plan for ransomware attacks. 

Sai Huda is the founder, chairman, and CEO of CyberCatch. He said, “Ransomware is an existential threat to SMBs who are a critical part of the supply chain. Foreign adversaries and criminal gangs will increasingly attack SMBs with ransomware to not only extort ransom payments but also use as the entry point upstream to the eventual target, a large company, critical infrastructure, government agency, healthcare organization or other high value target. The SMBRS is a wake-up call for proper cybersecurity controls.”

Dealerships are being targeted

The CDK Global 2018 Dealership Cybersecurity Study found that 85% of IT staff say their dealership had experienced a cybersecurity incident within the previous two years. In 2021, the CDK Global 2021 State of Cybersecurity in the Dealership Report reflected that the average ransomware payout had increased seventeen-fold in two years, up to $220,298 per incident. That’s an average, though, and the individual demand could range into the millions.

Dealerships have tightened their defenses since the 2018 report, but there continue to be areas that can be improved. 

Shift of mindset

The 2021 State of Cybersecurity in the Dealership Report also identifies a 16-day downtime due to ransomware attacks, essentially grinding a dealership’s operations to a halt for a half-month. It’s no wonder that most SMBs can only last from three to seven days with their financial revenues shut off or scrambling to implement a stopgap. 

It’s crucial to have the infrastructure in place to combat the effects of a cyberattack, including offline backups and monitoring software that help employees identify when an email or website isn’t secure. But there’s more to dealership cybersecurity. 

An overarching thought is that dealers are in the car business, but that’s hardly the case anymore. They’re now in the customer service business primarily, and an increasing part of the business is software-related as cars become more connected. The CDK Global report says that “84% of consumers said they would not go back to buy another vehicle after their data had been compromised”. If dealerships are targeted, there’s a high likelihood that many customers will never return. 

Cyberattacks are increasing in frequency in the US, and they’re coming from new sources all the time. Protecting your dealership from the disruption and potentially costly payout or a ransomware attack could keep you in business while other less protected companies are put out of business.

dealersDid you enjoy this article from Chanell Turner? Please share your thoughts, comments, or questions regarding this topic by submitting a letter to the editor here, or connect with us at

Be sure to follow us on Facebook, LinkedIn, and TikTok to stay up to date.

While you’re here, don’t forget to subscribe to our email newsletter for all the latest auto industry news from CBT News.