CDK Global, maker of crucial software used by half of the nation's car dealerships, has reportedly paid a $25 million ransom to end a cyberattack that cost its customers an estimated $1 billion. The cyberattack beginning June 19 forced CDK to shut down most of the systems used by 15,000 dealer customers to manage sales, orders, and scheduling, per the Detroit Free Press. Dealers missed out on $1 billion with nearly 56,200 new car sales lost, according to an estimate from the Anderson Economic Group. Late last month, JD Power and GlobalData estimated US automaker retail sales in June would be down 5.4% year over year as a result.
Hackers reportedly demanded tens of millions of dollars to call off the attack that was ongoing as of July 5. According to CNN, CDK paid a ransom of 387 bitcoin, then equivalent to $25 million. Chris Janczewski, head of global investigations at crypto-tracking firm TRM Labs, said the June 21 payment went to hackers affiliated with a type of ransomware called BlackSuit. "A week after the payment was made, CDK said that it was bringing car dealers back online to its software platform," CNN reports.
CDK has declined to comment. Federal officials advise against paying ransom to hackers as this encourages future attacks. But some companies feel they have little choice. Organizations around the world paid a record $1.1 billion in ransom last year alone, according to a report from crypto-tracking firm Chainalysis, per CNN. "This episode is a wake-up call for the auto industry, and a warning to all others," Anderson said, per the Free Press. "Businesses that rely upon automated systems and centralized software—which means nearly all businesses—are vulnerable to hacking of systems managed by outside providers, and the losses caused by an outage can escalate quickly."