Dealerships have always had to worry about crimes such as fraud and embezzlement. But the dangers they face now are much more sophisticated — and can be far costlier.
According to the Ponemon Institute’s U.S.- focused cyber crime report:
- The financial impact of cyber crime has increased 82 percent over the past six years.
- No industry is safe: during that six-year period, some industries have realized as high as a $9 million increase in the cost of cyber crime.
- It takes, on average, nearly 50 days and close to $2 million to resolve a cyber attack.
The bottom line? Falling prey to a cyber crime attack carries big financial penalties … and those penalties are rising.
Costly consequences
One of the more sinister aspects of these breaches is just how far-reaching they can be. A former employee of Kearny Mesa Infiniti dealership in San Diego, California, accessed the personal information of a customer and used it to acquire prescription drugs. The dealership was required to notify a number of customers regarding this breach, informing them that while there was no evidence the employee stole their information, she had access to their names, addresses, social security numbers, driver’s license numbers and more.
Forewarned is forearmed
Here are some of the more common types of cyber attacks – each of which could pose a direct threat to your dealership and possibly even your clients.
Database breaches
In database breaches, also referred to as account takeovers, a form of identity theft occurs in which cyber thieves steal credentials such as account passwords and then execute fraudulent transactions. This theft can happen a few different ways. One method incorporates keylogging software that records a user’s keystrokes and sends them to the thief. Another method leverages email “phishing” that tricks legitimate users into sending credentials to a bogus email account or entering them on a fake website.
DDoS attacks
Imagine your email inbox receiving millions of emails at once. This is one potential consequence of a distributed denial of service (DDoS) attack, during which hackers overwhelm servers. Other common results of DDoS attacks include degradation of Web or email resources, slow network performance and the inability to access some network resources. Most DDoS attacks last for several hours, creating a distraction that allows fraudulent transactions to take place undetected.
Insider corruption
Just like in the Kearny Mesa Infiniti case, fraud – including cyber crime – often originates from within an organization. Sometimes fraudsters are in it to make an easy windfall. Other times, they steal information to sell to rival companies, start their own competing business or use stolen personal data to obtain goods such as prescription drugs. However, the cause of data breaches is not always nefarious – it can be as benign as cutting corners to accelerate business processes, without any intention to do harm. Unfortunately, even cases like these can hurt an organization.
Take 5
Here’s how a dealership can mitigate the risks associated with cyber attacks.
- Assess system vulnerabilities and other risk factors for all areas of the dealership and regularly review activity logs.
- Use all available security features and controls built into online and computer systems.
- Implement a comprehensive audit program.
- Implement an information technology security policy, enforce it and train employees on appropriate email and information safeguards.
- Ensure employees create strong passwords and that they update them regularly.