Ransomware, Incident Response

CDK Global hack attributed to BlackSuit ransomware

Share
Image of ransomware, computer language, circuit board pattern over data server room

Attacks against CDK Global, which has resulted in widespread disruptions in North American car dealerships since Tuesday, have been linked to the BlackSuit ransomware operation, BleepingComputer reports.

CDK Global was also noted by sources close to the matter to have entered negotiations with the threat operation, which was previously associated by the FBI and Cybersecurity and Infrastructure Security Agency with the Royal ransomware gang due to similar techniques and encryptor code. Such claims have not yet been confirmed nor denied by CDK Global but the software-as-a-service provider warned about social engineering attacks being targeted at dealerships, as well as a second intrusion that caused the complete shutdown of its IT systems. Impact from the CDK Global breach has already been confirmed by Penske Automotive Group and Sonic Automotive, both of which have continued operations despite disruptions to their respective dealer management systems.

An In-Depth Guide to Ransomware

Get essential knowledge and practical strategies to protect your organization from ransomware attacks.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.