July 3, 2024 16 mins

The car sales industry in North America ground to a halt in mid-June after sophisticated cybercriminals took down CDK Global, the software provider with a near-monopoly on the industry. It caused chaos in the middle of one of the biggest seasons for car-buying. Dealers couldn’t access their inventory. Buyers couldn’t get cars off the lot. And customers feared for their personal data.

On today’s Big Take podcast, Bloomberg senior technology editor Dana Wollman and host Sarah Holder discuss what getting back to normal for dealerships might look like, how the group of hackers behind the shutdown operate, and why industries that rely on centralized software systems — from education to healthcare — are vulnerable.  

Read more: BlackSuit Cybercrime Gang Blamed in CDK Hack That Roiled Car Dealers

Episode Transcript

Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Speaker 1 (00:03):
Bloomberg Audio Studios, podcasts, radio news.

Speaker 2 (00:08):
Deborah Griffith has been working with car dealerships on and
off for over forty years, processing warranty claims. A few
weeks ago in mid June, she logged onto her computer
at work and noticed that a key bit of software
she uses, made by a company called CDK, had stopped working.

Speaker 3 (00:26):
I've never experienced anything like that. I'm like, what in
the world is going on.

Speaker 2 (00:32):
CDK is used by an overwhelming majority of dealers in
the country to track purchases, parts, and warranties. But CDK
had been offline for hours. Short outages weren't that unusual.
What was strange this time was that Deborah hadn't seen
an update from CDK about any upgrades or maintenance.

Speaker 3 (00:52):
CDK has a service portal, and if something goes wrong nationwide,
they'll put a message on there, like any website,
you know, works experiencing this outage, you know, and we're
working on it, you know, something like that. And there
was nothing there.

Speaker 2 (01:07):
Eventually, Deborah got a call from one of her contacts.

Speaker 3 (01:11):
He called me and he said, I just got a
call from CDK corporate. Everyone has to log out right
now and he goes, I mean, right now, there's something
going on. They've been hacked. You know, tell your bosses,
call your company and tell them everyone needs to log
out right now.

Speaker 2 (01:28):
Activity at dealerships across North America ground to a halt
as CDK shut down its systems on June nineteenth in
response to the hack. Dealers couldn't access their inventory, buyers
couldn't get cars off the lot, and Deborah couldn't process
any warranty claims. Just how disruptive was this to the
work that you try to do?

Speaker 3 (01:49):
Very, absolutely, very, very. There's nothing, absolutely nothing I can do,
absolutely nothing.

Speaker 2 (01:59):
Summer is a particularly important time for the car industry,
and in the middle of a crucial season, buyers, dealers,
and owners looking to repair their vehicles were left in
the lurch. Data out on Tuesday showed slowing growth for
US car sales. Toyota reported a dip of one point
two percent in June compared to last year, while Kia

(02:21):
saw a six point five percent decrease. Some companies that
reported their quarterly earnings saw slight jumps in sales in
Q two. For General Motors, a point six percent rise, but
that's compared to an increase of nineteen percent last year.

Speaker 1 (02:36):
It's millions of dollars worth of sales.

Speaker 2 (02:38):
Bloomberg Senior Technology editor Dana Wollman has been leading a
team that's been reporting on the hack.

Speaker 1 (02:44):
I mean, even single car dealerships are saying that they've
lost millions of dollars in transactions. It really is. It's huge.

Speaker 2 (02:51):
According to independent outlets, the group behind the hack is
known as BlackSuit, and they reportedly demanded a ransom
of tens of millions, a ransom that Bloomberg is
reporting CDK agreed to pay because the consequences of keeping
CDK offline for long would be devastating for the car industry.

Speaker 1 (03:11):
It's lost sales during a busy period, and I don't
know that all dealerships will be able to make that up.

Speaker 2 (03:20):
Today on the show, how a sophisticated group of hackers
took down the car sales industry for a few crucial weeks,
what the road to recovery for dealerships will look like,
and where hackers might target next. I'm Sarah Holder, and
this is The Big Take from Bloomberg News. The software

(03:41):
company CDK Global is not exactly a household name, says
Bloomberg Senior Technology editor Dana Wollman.

Speaker 1 (03:48):
CDK is not a company I'd heard of, admittedly, before
this story broke, I actually don't know how many of
my colleagues had heard of this, and I'm guessing a
lot of our readers had not heard of this company either.

Speaker 2 (03:58):
But for car dealerships across North America, the custom software
CDK provides is mission critical.

Speaker 1 (04:06):
It's used to manage pretty much every aspect of their
day to day business, from scheduling appointments to tracking inventory
in addition to completing transactions. So without that software, business
would grind to a halt.

Speaker 2 (04:21):
Chances are if you've bought a car at a
dealership in the US, your data has gone through the software.
It's used by around fifteen thousand auto dealers in North America.
They do have competitors, but they clearly are the dominant
player in this very specialized field. According at least to

(04:41):
CDK itself, before this attack, the transactions that were being
done through the software accounted for something like two percent
of GDP. For context, that's around five hundred and sixty
five billion dollars. This near monopoly makes CDK a healthy profit.
The company was acquired by the asset management company Brookfield

(05:02):
for eight point three billion dollars a little over two
years ago, but its status also makes the company a
vulnerable mark for a cyber attack.

Speaker 1 (05:12):
It began on Juneteenth, a federal holiday in the US,
and it was a day that car dealers were expecting
to be a busy sales day during what is already seasonally,
mind you, a busy season.

Speaker 2 (05:23):
That day, news broke that an experienced cybercrime operation called
BlackSuit, which we'll get into in a little bit,
had breached the CDK system. That forced CDK to shut
down the system as they dealt with the disruption. CDK
has said it anticipates everything will be back online by Thursday,
the fourth of July holiday, but in the meantime, for

(05:45):
all the dealerships that rely on its service, losing access
to CDK has been like trying to work as an
Instagram influencer with Instagram down, or trying to make a
podcast during a Slack outage. It's extremely disruptive.

Speaker 1 (06:02):
It either entirely or mostly brought business to a halt
at these dealerships. It wasn't just like they couldn't complete
sales of cars. We know that, but there are other
things that I didn't even think about that a car
dealership might be doing, like trying to swap inventory with
another dealer, for instance, maybe another dealer has a specific
configuration of a car that your customer wants. Another specific

(06:24):
example was the finding of replacement parts. There's a database
where you could look up parts for customers who need something.
Locating those parts is very hard when they're tracked online
or indexed online and you can't get to those systems.
Many of these dealerships were out of service and they
were either not serving customers or they were sort of

(06:46):
resorting to this old fashioned way of dealing with people.

Speaker 2 (06:49):
And Dana does mean old fashioned. Workers at these dealerships
started handwriting contracts and logging oil changes on paper, and
a few had to rely on their intuition for some pretty
critical decisions, like trying to gauge if buyers had good
enough credit to drive off with a car.

Speaker 1 (07:07):
In a sense, just using their gut to make these decisions.
It would otherwise be driven by data, really and hard numbers.

Speaker 2 (07:14):
Obviously, this has all been a huge pain for car
sellers and for CDK, which is now facing lawsuits from dealers,
repair shops, and customers. Those customers have something else important
on the line, all that personal data the hackers also
presumably got when they accessed CDK's systems. Should consumers be

(07:35):
worried about this hack at all?

Speaker 1 (07:37):
I would be worried, and certainly in our reporting we've
found that customers themselves have expressed worry. We visited some
car dealerships in person and have found that, aside from
the fact that the hack brought these systems to a halt,
a more hidden impact of this hack is that customers
are now wary of buying a car. They have read

(07:58):
about this attack in the press and are a little
nervous about handing over data to car dealerships. So I
think beyond the question of should car shoppers be nervous,
they are nervous, and it is having a hard to
measure impact on car sales, even on top of the
fact that a slowdown in modern systems is making it

(08:20):
hard to transact.

Speaker 2 (08:22):
Coming up after the break, it's not just cars. We
break down who is behind the CDK hack and why
other companies should be on high alert. So here's where
things stand. For nearly two weeks, thousands of car dealerships

(08:43):
across the country have been unable to access CDK software,
which is crucial for everything from assessing credit worthiness to
figuring out what cars are available to be sold. That's
resulted in millions of dollars in lost sales, and Bloomberg
Senior Technology editor Dana Wollman says figuring out who was
behind the attack wasn't easy. Who is the hacking group

(09:07):
behind the attack?

Speaker 1 (09:09):
So today at least they're called BlackSuit, and I
say today at least because these groups do intentionally change
their names, often to make themselves harder to track and
keep tabs on.

Speaker 2 (09:20):
According to security experts, before BlackSuit was BlackSuit, they
were also known as Royal. That group was responsible for
a cyber attack about a year ago that forced the
city of Dallas to shut down its computer systems, including
one that the local fire department relies on to track emergencies,
for four days. Firefighters in Dallas resorted to moving magnets

(09:43):
around on a map to keep tabs on incidents and
manage their crews. Some of Royal's members came from one
of the most notorious hacking groups ever, Conti, meaning BlackSuit
has a pretty distinguished pedigree.

Speaker 1 (09:58):
They are a really experienced group of hackers and extortionists. We
describe them as sort of low key and business like,
as if to say they're not trying to disrupt anyone.
They're just trying to run a business.

Speaker 2 (10:12):
To run that business, BlackSuit uses a two pronged approach.

Speaker 1 (10:17):
First of all, they engage in what we've called in
our reporting double extortion, that is the shutting down of
services and also the threat to publish user data online.
And we've also described them in our reporting as offering what's
called ransomware as a service.

Speaker 2 (10:34):
Ransomware as a service. Dana says that means that BlackSuit
essentially offers up its skill set, hacking vulnerable companies or
school districts or libraries to whoever wants to pay for it.

Speaker 1 (10:47):
In discussing this with my colleagues, I had first likened
it to mercenaries, and one of my colleagues said, no, actually,
they're more like arms dealers. Even if they're not committing
the attack themselves, they are providing the cyber weapon and
someone else is using them to commit the attack, and
then everyone behind the scenes is profiting off of it.

Speaker 2 (11:05):
Sources have told Bloomberg that in general, BlackSuit demands a
ransom of anywhere between three hundred thousand dollars and five
million dollars, and BlackSuit demanded tens of millions of dollars
from CDK, which planned to pay the ransom. According to
a source who spoke to Bloomberg, they themselves have not
listed CDK as a victim on their website, which we've

(11:26):
reported is typical practice for them. Actually, they have on
their website about close to one hundred victims listed, and
those are just the ones who are listed. If
a victim did pay an extortion fee, their names don't
even appear. And CDK, we've reported, intended to pay the ransomware.

Speaker 1 (11:44):
And also it's just in general, it is hard to
get hackers to comment for a story on Bloomberg.

Speaker 2 (11:50):
So far, it's unclear if BlackSuit was acting on
its own behalf or on behalf of someone else. The
thing that I found so surprising was how BlackSuit
went about getting access to CDK's systems. Dana says they
did it through what's known as social engineering. In practice,
that meant posing as employees. That's right, hackers posed as

(12:14):
employees to trick customers into helping them access the company's systems.

Speaker 1 (12:18):
And it is a reminder too that not all hacking
is what we imagine from seeing the movies, seeing hackers
depicted in the movies. It isn't necessarily an exploitation of
a vulnerability in code. There is sometimes this element of
really convincing persuasion.

Speaker 2 (12:35):
Right. They didn't have to hack into the mainframe as
we think of it. They literally had to just pretend
they were an employee and get access that way. In part, yeah.
Security analysts say CDK isn't the first organization to fall
prey to BlackSuit's tactics. Recent victims also include the Kansas
City Police Department and a school district in Georgia. But

(12:55):
Dana says there's one sector in particular that she's most
worried about.

Speaker 1 (13:00):
The world of healthcare, electronic healthcare providers. It is a
huge industry, but I wouldn't say there's a ton of
variety in that industry. I don't think it's that uncommon
to see a quasi monopoly like the kind that CDK has,
and I think a similar dynamic where once these companies
are onboarded onto this software, it is difficult for them

(13:21):
to get out and transfer to another piece of software,
whether it's because they're locked into a five year contract,
or it's difficult to migrate their data to something else,
or because you've got all these employees who you have
to train on new software when they could otherwise be
getting work done.

Speaker 2 (13:37):
Recently, Britain's National Health Service said it was investigating claims
that hackers had published confidential data stolen from several London hospitals.

Speaker 1 (13:47):
The hackers got access to this really sensitive patient data
involving people's blood work and pregnant women.

Speaker 2 (13:54):
With the stakes around data vulnerability getting higher, I asked
Dana if CDK's decision to pay the ransom could set
a bad precedent. There's a school of thought that paying
ransom will only encourage future hackers.

Speaker 1 (14:07):
Is that a worry here? I mean, without me editorializing myself,
it is an active debate in the cybersecurity community, and
I think there are people who do subscribe to the
school of thought that as hard as it is to
be named publicly and shamed and to accept the impacts

(14:27):
that more broadly speaking, pulling the lens back, it is
destructive in a longer term way to keep paying these ransoms.
I would not say there's a consensus on that necessarily,
but it does seem to be an active source of
debate in the cyber threat community.

Speaker 2 (14:43):
Either way, Dana says that the CDK situation isn't likely
to be the last one, and that the trend is
towards more potentially devastating consequences than not being able to
buy a car.

Speaker 1 (14:55):
These attacks seem relentless, and they have felt especially vicious.

Speaker 2 (15:00):
The CDK hack serves as a warning for any industries
that are overly reliant on one piece of software, Dana says.
But for now, Deborah Griffith is still just trying to
deal with the mess this hack has created for her.

Speaker 3 (15:14):
So, I mean, it's yeah, chaos. That word you use
is a very good word.

Speaker 2 (15:21):
You know what might happen if CDK doesn't get everything
back online by July fourth? How might that affect the industry?

Speaker 3 (15:28):
I mean, if you're in a dealership, especially the service department,
you know, every time something breaks that you don't want
to break, you know, you can't just sit back and
whine about it. You know, you just have to roll
with it, and you have to, you know, come up
with a solution. Don't cry about the reason why. You know.

Speaker 2 (15:50):
This is The Big Take from Bloomberg News. I'm Sarah Holder.
This episode was produced by Alex Sugiura. It was edited
by Aaron Edwards. It was mixed by Rishi Bajakol. It
was fact checked by Thomas Lu. Our senior producers are
Naomi Shaven and Kim Gettleson. Our senior editor is Elizabeth Ponso,
Nicole Bimsterbor is our executive producer. Sage Bauman is Bloomberg's

(16:12):
head of podcasts. If you liked this episode, make sure
to subscribe and review The Big Take wherever you listen
to podcasts. It helps people find the show. Thanks so
much for listening. We'll be off tomorrow for the fourth
of July, but we'll be back on Friday.

Hosts And Creators

Sarah Holder

Saleha Mohsin
