That’s simply so easy it’s not even funny. Paying ransoms to hackers is the same as supporting terrorism. Badabing badaboom
1 Like
they both have a motive, but they aren’t at all motivated by the same thing(s). These are banditos, they want money. If you make it so they can’t be paid, they are left with political/message motivations. It’s dis SEC and GAAP haven’t done their part to tighten this up.
Meanwhile, back at hell-on-Earth
Sonic and Penske claim they’re open for business, CDK wants to pay ransom and hope their data wasn’t already exfiltrated.
Business as usual for the movers and shakers.
They just call it foreign policy. 
1 Like
I just realize that I made a mistake. I meant that if you want to enforce it, the government can say “ if you pay a ransom to a ransomware group, you are paying criminal elements which is now illegal”
Very unlikely!
So you think there would/should be a law against corporate extortion that acts as if funding terror? Never gonna happen. I’ll add another thing here which many people don’t know but insurance companies cover cyber theft, it’s very expensive and difficult to get your money but it exists.
1 Like
https://www.wsj.com/articles/car-truck-dealers-assess-fallout-from-cdk-cyberattack-d683ab33
CDK said Saturday that it has begun a restoration process that will likely take several days to complete.
3 Likes
Article about how this has affected AutoNation… pasted because paywall.
https://www.autonews.com/retail/cdk-cyberattack-update-autonation-group-1-report-disruptions
June 24, 2024 08:12 AM [MARK HOLLMER ]
——————
AutoNation, Group 1 report impacts of CDK ransomware attack as crisis lingers into sixth day
AutoNation and Group 1 said they are facing disruptions, but both are conducting business as usual.
Two more of the largest U.S. auto dealership groups reported their exposure to the CDK Global ransomware attacks that shut down the dealership management system for auto retailers across North America last week.
The crisis has now entered its sixth day and it could still be “several days” before there is a resolution, CDK Global said. The disruption has beset the auto retail segment with the summer sales push in full gear.
AutoNation Inc. and Group 1 Automotive Inc. said on June 24 both are facing disruptions but took immediate steps to minimize the impact once they were notified. They said their dealerships are conducting business as usual.
“We immediately took precautionary containment steps to protect our systems and data, implemented business continuity plans, and commenced a review of the potential impact of the incident, which efforts are ongoing,” AutoNation said in a regulatory filing. “While the outages of CDK’s systems and our DMS have been disruptive and adversely impacted our business, all of our locations remain open.”
AutoNation said it is continuing to sell, service and buy vehicles “and otherwise serve our customers, through manual and alternative means and processes, albeit with lower productivity.”
The company added it is in regular communication with CDK and continues “to take steps to minimize any potential impact on our business and our customers,” though the full scope of the attack and its impact isn’t known yet.
Group 1 Automotive Inc. the nation’s fourth-largest dealership group, said in a June 24 release it “immediately activated its cyber incident response procedures and proactively took measures to protect and isolate its systems from CDK’s platform.”
“Despite the CDK service outage, all Group 1 U.S. dealerships continue to conduct business using alternative processes until CDK’s dealers’ systems are available,” Group 1 said.
CDK said it has more than 15,000 dealership customers in North America, according to Matt Gillrie, CEO of the Gillrie Institute, an automotive consulting group that works exclusively with dealers. The company has contracts with five of the six top public dealership groups: Group 1, AutoNation, Lithia Motors Inc., Asbury Automotive Group Inc., and Sonic Automotive Inc.
Sonic and Lithia made related disclosures of their own on June 21.
Sonic, the sixth-largest public dealership group, said in a statement that its more than 100 dealerships “are open and operating utilizing workaround solutions to minimize the disruption caused by this CDK outage.”
The public retailer said after it learned of the attack, it took “precautionary containment steps” to protect the company’s systems and began an investigation. It said it does not know whether the hackers were able to get any customer data.
Penske Automotive Group Inc., in a late June 21 regulatory filing, said it does not use CDK at franchised dealerships in the U.S. or the United Kingdom. But the company said it does use CDK’s DMS for its Premier Truck Group, which sells heavy- and medium-duty trucks, and that business has been “disrupted.”
Penske said it continues to operate all Premier Truck locations through “manual or alternate processes.”
Meanwhile, CDK Global continued efforts on June 24 to restore its North American operations, six days after two ransomware attacks forced it to shut down most operations, disabling thousands of its customers’ businesses in the process. It said early June 24 it had no updates on its efforts to restore its systems.
Dealerships scrambled to use workarounds such as pen and paper to minimize the disruption caused by the attacks. More than 15,000 dealerships were affected by the outage in the U.S. and Canada.
In a note to customers, CDK for the first time on June 22 referred to the crippling cyberattacks as a ransom event and told dealers the restoration process for its systems was underway.
“We anticipate the restoration process to take several daysand not weeks for the major applications and ask for your continued support as we bring systems back online,” the update said.
A subsequent CDK note to customers midday on June 23 reiterated the timeline and said restoration was continuing.
CDK said it “promptly launched an investigation with leading third-party experts and notified law enforcement.” It was not immediately clear which law enforcement agencies were involved in the case.
“We are continuing to actively engage with our customers and provide them with alternate ways to conduct business,” CDK said.
The company also has opened an online resource center for dealers. Rivals also are stepping in to help impacted dealerships.
A hacking group claiming responsibility was demanding CDK Global pay tens of millions of dollars in ransom to lift the DMS outage, Bloomberg reported June 21. CDK was planning to pay the ransom, the report said.
On June 22, U.S. dealerships were open for business, though they were hampered with what they could do. Saturdays typically are the busiest days of the week for vehicle sales for many. With the second quarter coming to a close at the end of June, the indefinite shutdown could affect new- and used-vehicle sales across the industry.
— Julie Walker, Melissa Burden contributed to this story.
2 Likes
Any thoughts from the forum members on how the CDK hack will influence end of quarter vehicle purchase/lease negotiations with dealers? Are they going to be more willing to discount cars to make a deal or is going to be harder to get a deal because the dealers have backed up orders they need to complete by end of quarter?
Ain’t no way that dealers will be more willing to discount the vehicle because of that one incident. No way
2 Likes
Dealers are often trying to meet quotas by the end of month, quarter, and year. If they have been unable to move cars this past week due to CDK, I’m thinking I might have more leverage.
How much leverage are you thinking that you have? We see this quite a bit on LH most notably when people spin themselves in circles thinking the “numbers” will be better next month.
If the leverage your thinking you have is in the $15-20 month less than I think may be a possibility however if you are thinking that all things being equal, that your going to go from an effective $500 month to $375 month, imo that’s pretty unlikely to happen.
Anecdotally I leased a Tacoma one time and started with the dealer in November, I decided to roll the dice to December and another $500 was added to incentives and I saved another ~$7.50 per month.
2 Likes
CDK is not the only platform that dealers use, they are selling cars no problem
Uh, no. They are switching to manual submission where they handwrite everything and submitting deals to the bank. Sorry, but I am thinking it’s a no.
1 Like
you are also assuming the dealer has not hit their metrics. each dealer is different and could have hit their numbers 2 months ago and will be less motivated to dig deep. while eoq can help the likelihood of a deal, it’s a crapshoot and shouldn’t be relied on as gospel
Guessing if dealers already have FOLP, it won’t be better when they’re handwriting deals and second guessing themselves
2 Likes
I totally agree-it depends if a dealer has met their quotas or not, but end of the quarter is a great time to find a dealer willing to give you a big mark down–presumably to meet their overall sales quota. I am shopping multiple dealers. Their are plenty of BMW iX xDrive50s on dealership lots. Chances are I’m going to find a dealer willing to discount substantially. With barely any effort I I have one dealer giving me 11.5% off MSRP, before all applicable incentives. I think my target is 12%, but I wouldn’t be surprised if a dealer was willing to give an even steeper discount.
Three words: business interruption insurance 
Aren’t those policies almost useless cause there’s more holes in them than swiss cheese?
It all depends on the policy, but the biggest exclusion I’ve seen is force majeure and this isn’t that. CDK’s cyber should cover them, dealer’s BII might cover them.