Notifications & Messages

Jared Hamilton
From: Jared Hamilton
Hey - It’s time to join the thousands of other dealer professionals on DrivingSales. Create an account so you can get full access to the articles, discussions and people that are shaping the future of the automotive industry.
Erik Nachbahr, CISSP

Erik Nachbahr, CISSP President

Exclusive Blog Posts

Are Your Techs Ready for Electric?

Are Your Techs Ready for Electric?

Flick on the television today and you get cars coming up in two different scenarios. The first is with commercials, telling you all about the new featu…

iscover the Details to Effectively Run a Fixed Operations Department | KPI Cafe Season 6 Episode 5

iscover the Details to Effectively Run a Fixed Operations Department | KPI Cafe Season 6 Episode 5

Ed Roberts, who leads the fixed operations for Bozard Ford Lincoln, joins the KPI Cafe to cover a host of topics that can help any dealership increase the …

Is Your CRM Work-Flow Holding You Back?

Is Your CRM Work-Flow Holding You Back?

There is not a lot of flexibility when it comes to customizing a work-flow in many of today’s CRM’s. Where in many cases the standard work…

The Follow Up Email

The Follow Up Email

In a perfect world, the customer would answer their phone on the first call. But that’s not always the case. If the customer doesn’t answer the…

The Case for a Simplified Service Invoice

The Case for a Simplified Service Invoice

As a service advisor, one of the most consistent complaints I ever received was not about fixed first visit issues, nor was it about being overpriced. …

Who are Cybercriminals?

Remember the movie “War Games?” A teenager hacked into a computer and unwittingly almost started a nuclear war. In the late 60s, a famous phone phreak dubbed “Captain Crunch” figured out a way to make long-distance phone calls for free using a toy whistle from a box of Cap n’ Crunch cereal.

These examples established an early perception of “hackers” as lone wolves: teenagers in basements, social misfits out for revenge or bored college kids pulling pranks. Their intent was relatively harmless, and they eventually got caught and had to pay consequences.

Unfortunately, this perception still exists today and is one reason why many businesses don’t take the threat of cyberattacks seriously.

To understand how serious the threat of a cyberattack is, you need to understand who’s behind the threat and what their motivations are.

Cybercrime is the world’s fastest growing criminal industry. By 2021, cybercrime will cost the world $6 trillion annually. This is the greatest wealth transfer in history, far more profitable than the entire global trade of illegal drugs.

The motivation for most cybercriminals is money, pure and simple. Cybercrimes are designed to steal money and data that can be sold for money. Once stolen, consumers’ personal and identifiable information (PII) is typically sold on the dark web, purchased by other criminals with plans to exploit that information.

Most “hackers” today are employees of large multi-national crime organizations, some of which are state-sponsored. Around the world, smart and tech-savvy people are being lured by the promise of huge salaries. Entry-level cybercriminals make about $40,000 per year (which is an excellent salary in many countries). But the real payoff comes with experience, with seasoned cybercriminals raking in $1 million to $2 million per year.

These cybercrime organizations and their employees find safe haven in countries that don’t have extradition agreements with the U.S. China and Russia are the two biggest offenders, followed by Iran and North Korea. However, cybercriminals reside in many countries, including the U.K., Germany, Australia, Japan, South Korea, Ukraine, Israel, France and even the U.S.

U.S. Companies Targeted

Who do these cybercriminals like to attack? Companies in the U.S. are the most targeted, followed by companies in China, India and Europe.

Most of the news-worthy attacks we hear about on the news happen to large organizations, such as government agencies, or healthcare, retail, tech and financial institutions.

But that doesn’t mean that auto dealers aren’t at risk. In fact, 43% of cyberattacks target small businesses with fewer than 250 employees. In particular, companies with antiquated information technology (IT) infrastructures are easy to exploit, and Windows is the most targeted platform.

Does this profile sound familiar to you?

In most dealerships I have seen the IT networks are outdated, with some running the same setup and technology they had five years ago. Many dealers have not made significant upgrades in 10 years. They also trust the management of IT to people who aren’t qualified—in fact, only a third of dealerships employ a network engineer with computer security certifications and training.

Additionally, I have seen many dealerships still running the Windows 7 operating system on computers that are 4 or 5 years old. As of January 2020, Windows 7 will no longer be supported with updates by Microsoft. If you’re still running Windows 7 in January, your dealership will be highly vulnerable to a cyberattack.

It’s nearly 100% certain that cybercrime syndicates already have a plan in place to exploit organizations that haven’t yet upgraded to Windows 10 when January rolls around. Thousands if not hundreds of thousands of cybercriminals around the world are waiting for this opportunity.

Unfortunately, the problem of cybercrime is only going to get worse and it may never get better. This could be the new normal. Thousands of extremely smart people spend every minute of every day dreaming up new ways to steal your money.

The malware threat is now migrating from PCs and laptops to smartphones and mobile devices. Experts worry that in the near future, cybercrime could take an even darker turn. Got a pacemaker? It could feasibly be switched off by a cybercriminal in another country, unless you send bitcoins.

Connected cars also make us vulnerable to what could be an entirely new form of terrorist attack: causing random cars to crash.

But why worry about things you can’t control? There’s plenty that you can control, starting with taking the threat of a cyberattack seriously, and creating a plan to prevent it.

 Unlock all of the community & features  Join Now