Connect with us

Education

HOW CDK Cyber Attack Recovery Will Fall Squarely on The Accounting Office

HOW CDK Cyber Attack Recovery Will Fall Squarely on The Accounting Office OXO-MAGAZINE

In my early years in the car business, I wore many hats in each job position I held.

The Accounting Office: The Clean-Up Crew

I quickly learned that the accounting office staff often act as the clean-up crew when various problems arise.

Fewer Hiccups Thanks to Technology

Today, systems and procedure hiccups are fewer thanks to technology and automation.

The CDK Cyber Attack

Then came the CDK cyber attack. This breach is on a whole different level.

A Different Type of Problem

This breach presents a very different type of problem. When things begin to settle, which may take months, the accounting office will have to gather thousands of dealership puzzle pieces from sales, service, and parts to form some semblance of financial order.

  • The “End of the Month” Challenge
  • The “End of the Month” is here. New car dealerships are required to produce a monthly financial statement as mandated by the manufacturer and certain lenders. As of now, it’s unclear if a June financial statement will be available. Chances are slim.

Why Did the CDK Cyber Attack Happen?

HOW CDK Cyber Attack Recovery Will Fall Squarely on The Accounting Office OXOMAGAZINE

 

The History of ADP Dealer Services

ADP Dealer Services was once a leading DMS provider. It was merged into Cobalt, which focused on digital marketing. Eventually, everything was rolled into CDK Global, accompanied by private equity investments.

Cost-Cutting Measures

Private equity often cuts “cost-centers.” Infosec (Information Security) is typically viewed as a cost-center. This leads to downsizing the team responsible for protecting the company from hackers.

The Ransomware Attack

When a ransomware attack occurs, issues become evident: backups haven’t been tested, and some legacy systems are irrecoverable.

Insights from a Cybersecurity Expert

HOW CDK Cyber Attack Recovery Will Fall Squarely on The Accounting Office OXO

A cybersecurity expert shared these insights days after the attack:

  • No backups exist.
  • Backups are outdated or untested.
  • Backup restoration processes are unknown.
  • There is no disaster recovery plan, or it’s outdated.
  • The infrastructure has multiple single points of failure.
  • The extent of the compromise is unclear.

My Frustration

I am deeply frustrated by how ADP Dealer Services has been mismanaged by private equity. The real victims are the dealership staff who continue to support customers and earn a paycheck despite these issues.

CDK’s Financial Impact

OXOMAGAZINE HOW CDK Cyber Attack Recovery Will Fall Squarely on The Accounting Office

CDK is expected to pay tens of millions in ransom. This video explains how ransomware attacks unfold. Unfortunately, this won’t be the last of such incidents.

Don’t Overlook the “Preferred Vendor” Program

The “Preferred Vendor” Program

New car dealerships are franchises with manufacturers as franchisors. Each manufacturer has a “Preferred Vendor” program. Vendors apply to be included and often pay a fee.

Anti-Innovation Barrier

The program can hinder innovation. Smaller vendors and start-ups may not afford the fees, favoring larger companies instead.

Pricing and Quality Issues

Preferred vendors often have higher dealer pricing. Their product quality can fall short compared to non-preferred vendors.

Reasons for Choosing Preferred Vendors
Dealers might choose preferred vendors for two main reasons:

  • Marketing Appeal: The program claims pre-vetted vendors, suggesting higher quality and trust.
  • Financial Incentives: Dealerships can often recover some costs through the manufacturer’s Co-op program.

CDK as a Preferred Vendor

Questions About Security Audits

Where were the security audits for this vendor? Why wasn’t there regular monitoring to ensure their product justified preferred status? If monitoring was in place, it’s clear the protocol was insufficient.

How Did the CDK Cyber Attack Happen?

Outdated System

CDK is an old program with minimal upgrades over decades. Companies and private equity often avoid innovation. They only update the surface and increase costs, claiming it’s a worthwhile investment. Dealers are frustrated with rising DMS fees.

Cost-Cutting Measures

Corporate raiders prioritize cutting costs. In this case, they stripped the system for parts, leaving data vulnerable to cybercriminals.

Lack of Preparedness

A mature DMS provider should restore functionality within 24 hours, barring major disasters. CDK, however, lacked:

  • Backups
  • Redundancy
  • Separate Servers
  • Siloed Databases

Losing these critical components makes data recovery extremely difficult. This is unacceptable.Restoring Dealership Records After a Breach

Post-Ransom Payment

After CDK pays the ransom, it could take weeks or months to sort out the data. The database will likely have gaps, complicating the restoration.

Considering a New DMS Vendor

Many suggest switching to a new DMS vendor. While this seems like a viable solution, the issue is that the data is still held hostage by the attackers. Without the data, you cannot convert to a new DMS.

Exploring Alternatives

Switching DMS solutions is worth considering. However, it should only be pursued once the dealership’s CDK records are fully restored.

When the Dealership Comes Back Online

The Accounting Office’s Challenge

When operations resume, the Accounting Office faces a big task. During the outage, employees used manual documents and various software to serve customers.

Data Restoration

After the outage, all business activities—sales, service, parts—must be manually entered into the system. This could take weeks or months to complete.

Importance of Organization

Organization is key. For busy stores (150+ cars/month or over $500K in monthly service labor), this task will be time-consuming due to high transaction volumes.

Inventory Verification

Count and verify vehicle and parts inventories. Untracked inventories are at risk of theft.

Processing and Reconciliation

Ensure manual entries align with General Ledger (GL) accounts. Run schedules and GL reports to verify accuracy and post all collected funds correctly.

Start with Bank Reconciliation

Begin with bank reconciliation. Balancing books to the bank will help establish checks and balances.

Ongoing Effort

The process will be challenging. With the dedication of the dealership accounting staff, everything will eventually come together.

Moving Beyond the Vendor-Manufacturer-Dealer Breach

Shock and Disappointment

I am appalled by this event. I asked my colleagues, “How is it acceptable to manage data so irresponsibly?”

Dependence on Technology

Most dealership employees rely on technology for their jobs. This breach is a reminder that technology is only as good as its infrastructure and crisis protocols.

CDK as a “Preferred Vendor”

CDK is a “preferred vendor” by the manufacturer. Where were the crisis management requirements for such vendors? Where were the annual audits?

Accountability Questions

Who will be held accountable for this failure? Expect lawsuits against CDK from:

  • Dealers: For business disruption and data loss.
  • Consumers: For the breach of sensitive information.
  • Employees: For privacy violations and lost compensation.

First Lawsuit Filed

On June 25th, a lawsuit was filed in the U.S. Northern District of Illinois. It seeks class-action status and accuses CDK of negligence following the cyberattacks.

Pro Tip for Dealers

Now is a good time to contact your Cyber Liability Policy carrier. Check for Contingent Business Interruption coverage and notify the carrier. It’s worth discussing coverage details even if you don’t file a claim yet.

Current Status and Future Risks

Ongoing Crisis

We are still in the midst of this debacle. There may be other attacks developing as we speak.

Misguided Solutions

Someone online suggested using local servers for data security. This approach has been tried before with poor and sometimes disastrous results. Cybercriminals are too sophisticated, and dealership structures often lack the resources for on-site security.

Relying on DMS Vendors

Dealers need to trust their DMS vendor for data security. This breach has undermined that trust and will have long-lasting effects.

Seek Qualified Advice

Consult qualified experts, not vendors or online sources. Develop a comprehensive, long-term plan for data security and breach protocols. Expert advice will help you ask the right questions and not rely solely on vendor assurances.

FOR MORE INFORMATION: https://oxomagazine.com/

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

More in Education