how to avoid a CDK style cyber attack that shuts down your dealership

[Generic Salesperson]

The "cyber attack" has become main stream news as dealerships struggle to operate.

What steps can be taken to avoid being at the mercy of a CDK style takedown?

Would it make sense to run two competing systems side by side so that WHEN one gets attacked the other will work?

Is there a business opportunity here, or an opportunity to provide consulting services?

Vendors, dealers, others... what is your take on this?

 

[Carsten]

The business opportunity here is a rather difficult: provide a competitor to CDK.

Running 2 software side by side is difficult. Look at how even LibreOffice still can't mimic Word, excel, and power point exactly, This get s even more harder when dealing with data and how it's stored.

Those are the main negatives.

But I think there is a business opportunity waiting.
If I knew more about the DMS side and all the forms and such that are needed, I would pivot some of my work to creating a competitor. The programming side of this is easy for me. I just don't know enough on the regulatory side.

 

[Alex Snyder]

Don't put all your eggs in one basket. This breach affected the eLead dealers with a CDK DMS the hardest. They had to resort to old-school methods of desking deals.

If I were a dealer using a CRM and DMS from the same company, I'd be rethinking that now. Similarly, if I buy a lot of products from the same vendor, I'd be rethinking that now.

These ransom attacks are getting more and more prevalent. It is obvious they cannot be stopped, so a smart business needs to diversify their technology options. Other than paying one big bill to one vendor, it is still just as much of a pain in the ass to have multiple products from that vendor that hasn't integrated them seamlessly than it is to have multiple vendors to log into. The smaller ones usually do a better job anyway.

 

[BillKVMotorCo]

Don't put all your eggs in one basket. This breach affected the eLead dealers with a CDK DMS the hardest. They had to resort to old-school methods of desking deals.

"Integration" will be the new "global economy."

 

[Carsten]

Diversifying your portfolio makes a lot of sense but what is the tax on that?
DMS's want a tax so that other vendors can access the data via api.
Then you also need to pay attention to how fast other vendors can match changes to the data structure that your primary is doing.

I would like to see diversity in this field because it clearly opens up the ability for competition.

 

[Alex Snyder]

"Integration" will be the new "global economy."

Only if dealers push for it. I'm hoping you're right!

Diversifying your portfolio makes a lot of sense but what is the tax on that?
DMS's want a tax so that other vendors can access the data via api.
Then you also need to pay attention to how fast other vendors can match changes to the data structure that your primary is doing.

I would like to see diversity in this field because it clearly opens up the ability for competition.

If dealers diversify, it will be difficult for the larger companies to keep the same revenues. They will need to find a way to make that money back. Competition is a good thing and could lead to new playing fields if dealers invest in the smaller solutions. There has been a trend to put more investment in the larger solutions over the last few years.

 

[Generic Salesperson]

It just dawned on me... these car dealerships who rely on CDK for certain services, where CDK states they have multiple layers of protection against cyber attacks, have a certain expectation that they will be able to perform certain transactions. Going into the second week and screwing with the end of the month CDK has now caused actual significant damages to these dealers. Whether they pay the boogeyman or not CDK will likely fail under the pressure of unending lawsuits by the dealers, no?

 

[BillKVMotorCo]

Only if dealers push for it. I'm hoping you're right!

If a dealer still has all of their eggs in one basket after this, they get what they get. I'm sorry.

I hear a lot of people talking about folks switching from CDK (have fun with that process), but I think it will be more than that. While everyone might not, there will certainly be dealers that cancel one of two important connected partners (CDK or otherwise) out of fear of losing both at once. This won't just impact CDK.

 

[jscole86]

If a dealer still has all of their eggs in one basket after this, they get what they get. I'm sorry.

The flip side, is there are a lot of efficiencies that come with software that's all-in-one.

 

[BillKVMotorCo]

The flip side, is there are a lot of efficiencies that come with software that's all-in-one.

I definitely understand. But I would counter that two weeks' worth of being shut down can eliminate a lot of efficiency one has accomplished over a previous stretch of time. It's like making a bunch of money in the stock market and then blowing your account up betting on GameStop.