This is the warning from the specialist motor trade insurance team at Ascend Broking, which highlights how cyber criminals see the interconnectivity of systems within the motor world as the means to earn good sums of money.
No motor trade business should view itself as ‘off the radar’ for cyber criminals. In fact, the smaller the business, the more likely the attack in many cases, as the criminals recognise smaller businesses typically have computerised systems with far more vulnerabilities.
They also know motor trade businesses focus their attention on training staff in car mechanics and health and safety but devote practically no time to enhancing knowledge about cyber crime prevention.
2022 saw a reported 380% increase in automotive cyber attacks, highlighting how attractive the sector, with its interconnected systems based around Over the Air updates (OTA), In Vehicle Infotainment (IVI), Bluetooth, cellular and Cloud-based technologies is, to those earning money from cyber ransoms and the sale of customer data to dark web buyers.[i]
Where repair shops use the same interconnected tools to work on many different vehicles, it presents the perfect opportunity for criminals to deliver a ransomware virus to all, or to harvest information from the vehicles and their owners’ connected devices.
Once inside a system, there is also every likelihood a criminal gang can find a route through to the systems of much larger automotive businesses.
Some parts of the motor trade chain are very much targets. Ascend Broking’s motor trade division leader, Steven Gillespie, says, “Dealerships and leasing companies can be highly attractive to cyber criminals, as they hold so much client data – names, addresses, credit card information, licence and tax details, vehicle registration numbers and much more.
“Tapping into this means lots of opportunity to sell data on via the dark web, or to extort ransoms from either the motor trade business itself or individuals whose data has been compromised. If customers are faced with a ransom demand, they are highly likely to seek compensation from the business that leaked their personal data. A motor trader or dealership’s reputation can be completely ruined by a data breach, leading to business failure.”
IBM says the average downtime of a dealership, following a cyber attack, is 16 days and, following such an attack, 84% of a dealership’s customers say they would not use it again.[ii] One prominent dealership in the UK was attacked in December 2022, with the hackers accessing bank details, vehicle details, personal information and National Insurance numbers.
This was felt to be the result of a phishing exercise – the cause of around 36% of data breaches at dealerships. Phishing describes the tactic whereby the victim is duped into opening an email, text message or some other form of communication and divulging details that enable the cyber criminal to access systems.
Ascend Broking says motor trade businesses, who want to keep their customer base loyal and safe and who do not wish to incur a GDPR fine, must protect their IT systems and data. A cyber risk audit should assess all possible vulnerabilities but also encompass specific staff training in cyber tactics and how to spot a phishing or malware attempt.
Businesses should keep software continually updated to the latest version and have passwords that are secure, hard-to-guess and regularly changed. Password access should be restricted and multi-factor authentication turned on, wherever available.
However, as an attack is highly likely, all needs to be backed by the right cyber insurance – a policy that will give the business access to IT professionals, who can help restore systems and get the business back up and running following an attack. Not all cyber insurance policies will do this so this is an area in which the specialist assistance of a broker can be vital.
All motor trade businesses should also have a cyber response plan, which details exactly what needs to happen in the event of an attack. This needs to analyse who will be affected, who needs to be contacted following a data breach and what needs to be done to try to minimise the trading losses that will be incurred due to the inevitable downtime.
A broker can assist with this and suggest before-the-event strategies to try to prevent an attack, as well as the after-the-event insurance to compensate for financial losses.
“Motor trade businesses are often wearing blinkers when it comes to cyber crime, focusing too much on the nuts and bolts of vehicles and not the vast amount of connectivity that is now surrounding them,” says Steven Gillespie. “Many need to wise up, bolster their systems and get a solid cyber security safety net in place.”