by Jake Bleiberg
Car dealerships crippled by a cyberattack on software provider CDK Global probably won’t have their systems restored until the end of the month.
In a message to clients Tuesday, CDK warned dealerships that because the outages could persist until June 30, they may need to make alternative plans on how to handle their end-of-month finances. Thousands of dealerships, which rely on CDK’s software for nearly every business function, ground to a halt last week following the compromise.
The latest message from the company indicates that large swaths of the US auto sales sector may ultimately be handicapped by the attack for nearly two weeks.
“We do feel it’s important to share that we do not believe that we will be able to get all dealers live prior to June 30th,” CDK Global said in a recorded message on its customer help phone line. “Should you need to make alternate plans for your month-end financial close process, you should do so.”
Representatives for the company didn’t immediately respond to a request for comment about the latest client communication Tuesday.
CDK’s software products, including its core dealer management system, went down in the early hours of June 19, with the company saying it had shut off all systems amid what it called a cyber incident.
The Hoffman Estates, Illinois-based company was attacked by a hacking group known as BlackSuit, according to Allan Liska, a threat analyst at the security firm Recorded Future Inc.
The cybercrime group has demanded an extortion fee in the tens of millions of dollars from CDK, which plans to make the payment, Bloomberg News reported on Friday.
Ransom payments in cyberattacks often entail haggling over a fee, and it’s unclear where the process stands with CDK.
Copyright Bloomberg News