By Adam Dennis, AntiguaRecon/SurgeMetrix

As you probably already know, ransomware attacks are one of the biggest threats facing most businesses today.  For a car, tractor, or agricultural equipment dealership, a successful attack means much more than frozen computers—it means losing access to customer financing documents, service records, inventory systems, potentially lost sales, and, if hits the press, damage to your reputation.  Think CDK a year or so ago…

The good news?  To put up a good fight, you don’t need a huge IT budget to achieve significant protection…  You just need committed leadership and a simple strategy for moving forward.  By focusing on these five logical steps, you can build a strong defense that deters the vast majority of ransomware risks.

1. Regularly Back Up Everything (And Keep Store Offline Too!)

This is your ultimate insurance policy.  If hackers lock up your data, you need a way to restore it without paying the ransom.  This. Is. It!

• The Mistake: Storing backups on the same network, or server, where the primary data lives.  Any reasonably respectable ransomware attack can often find and encrypt network-attached backups quite easily.  I expect that you would agree that that would be a big bummer!
• The Fix: Implement the 3-2-1 Rule (Three copies of your data, on two different media, with one copy stored off-site/offline). Use a cloud service (like AWS or Google Cloud), or an external hard drive, that is disconnected from the network immediately after the backup is complete.  For extra security, make sure that your backups cover a range of time to harden you against the additional risk of a slow moving attack that seeks to infect your systems for a period of time before it activates.

2. Enforce Strict Multi-Factor Authentication (MFA)

Most ransomware attacks start with hackers gaining access through a stolen or guessed password.  MFA is the single easiest way to stop this.  Simply put: This one ain’t rocket science.

• The Mistake: Only relying only on complex passwords for critical systems (CRM, accounting, email) is not enough.
• The Fix: Mandate MFA for every single employee on every critical system—especially email, remote desktop access, and your Dealer Management System (DMS).  MFA requires a hacker to have both the password and the employee’s physical phone, making a breach exponentially harder.

3. Stop Phishing: Train Your People First

Employees are your strongest firewall, but only if they know what to look for.  Phishing emails (where hackers trick employees into clicking a malicious link) are the #1 way ransomware enters a dealership.

• The Mistake: Only doing security training once a year during onboarding is a VERY bad idea.
• The Fix: Conduct short, regular security awareness trainings focused specifically on recognizing phishing attempts (“urgent” demands for wire transfers, seemingly innocent emails from colleagues and friends, or strange attachments).  Use tools to run simulated phishing tests to see who needs extra coaching coupled with surveys and other tools to ensure that you establish a learning baseline to objectively assess progress over time.

4. Restrict Access to “Need-to-Know” Data

Not every employee needs access to customer credit reports or the payroll folder.  Restricting access limits the damage a hacker can do once they gain entry.  

• The Mistake: Giving every employee (from sales to service) blanket access to every shared network folder is asking for trouble.
• The Fix: Implement the Principle of Least Privilege (PoLP).  For example, a service tech would only get access to service appointment software and parts inventory… while a sales person would only get CRM and inventory access.  This compartmentalization prevents a breach in one department from compromising the entire business.

5. Keep Your Software Patched and Up-to-Date

I don’t care how many times I say it, but hackers exploit known security flaws in old software versions…  This is part of their hacker DNA.  Consequently, keeping your operating system and essential applications updated is low-effort, high-reward defense.

• The Mistake: Delaying operating system updates (Windows/macOS) or using ancient, unsupported software because “it just works” is an invitation to disaster.
• The Fix: Automate software updates whenever possible.  Prioritize patching security flaws in high-risk applications like your email server, web browsers, and any external-facing software your dealership uses.  If a device runs unsupported software (like Windows 7), disconnect it immediately.
  

Final Thoughts

Like I usually say, this ain’t rocket science.  All 5 points listed above should be part of your game plan for hardening your dealership against ransomware and similar attacks.  

One thing to note… for a successful cybersecurity awareness campaign to work, it needs to be absorbed into your corporate culture and made part of your day-to-day thinking.  It can’t be just a checklist you use to satisfy your cybersecurity insurance broker, but be something that’s discussed and done regularly.  Moreover, you should do more than just simulated phishing tests.  They aren’t enough.  Survey your people, talk about the results, and set up a system of training that sets clear baselines to track learning over time.  

This strategy, coupled with the other 4 points, will put you ahead of your competitors and mitigate risks significantly.

– – –

As usual, feel free to reach out with questions at any time!