Category: CDK

CDK Global, a prominent provider of software solutions for automotive sales and services across 15,000 dealerships, recently faced significant disruptions due to alleged ransomware attacks. Reports indicate that the attacks, attributed to the Black Suit file encrypting malware group, initially targeted the company, causing temporary service disruptions.

Shortly after the first incident, media outlets reported a second ransomware attack targeting CDK Global while recovery efforts from the initial breach were still ongoing. Lisa Finney, a spokesperson for the company, confirmed the occurrence of the second attack and assured that investigations were underway. Law enforcement agencies were promptly notified, and security experts were engaged to conduct a thorough investigation.

Meanwhile, efforts to restore services were in progress, with CDK Global urging caution among its staff regarding potential phishing attacks. Employees were warned about threats where malicious actors could impersonate CDK partners to obtain sensitive information.

Cybersecurity experts emphasize the importance of promptly addressing vulnerabilities through software upgrades and updates. Failure to do so may leave companies vulnerable to repeated attacks throughout the year. It is crucial for affected businesses to seek expert guidance to patch vulnerabilities effectively, thereby minimizing future risks of exploitation by cybercriminals.

The post CDK Global faced second ransomware attack appeared first on Cybersecurity Insiders.

1.) Recently, the Qilin ransomware group, believed to originate from Russia, targeted three hospitals and a network, severely disrupting emergency services for patients. The attack, which occurred on June 4, 2024, via Synnovis Software, has led the gang to demand a ransom of $50 million. They have claimed responsibility and threatened to leak stolen data on the dark web within 7-8 days unless the ransom is paid.

In the UK, the NHS reported significant digital disruptions, resulting in the cancellation and postponement of critical medical procedures, including cancer treatments and kidney trans-plants. Over 814 procedures were affected across the network.

2.) In North America, CDK Global, a major software supplier to car dealerships, experienced a ransomware attack on its servers. While the incident disrupted operations, recovery measures have been implemented, and most services have been restored. Law enforcement is investigating, and CDK Global plans to issue a formal statement after further assessment.

The good part of the incident is that it was contained with recovery measures and most of the services were restored. For reasons, the name of the ransomware perpetrators has been withheld as the law enforcement is busy investigating the incident, after which CDK that supplies technology to about 15k dealerships across the United States is said to issue a formal statement.

3.) Meanwhile, AMD, a prominent silicon chip maker, is investigating a cyber attack linked to a ransomware group. Hackers have reportedly leaked sensitive data, including details about future products. Additionally, IntelBroker claimed to have breached AMD’s network, selling compromised employee credentials and sensitive information on a data forum.

Screenshots of the compromised data include product roadmap, specification sheets, employee details, ROM details, Property files, source codes, firmware info, finances regarding the salaries of employees, their IDs and first n last names and designations along with their business contact details like phone numbers and email IDs.

Interestingly, at the same time in the year 2022, the processor maker allegedly claimed to be investigating a 450GB data steal by a hacking group named RansomHouse, but later found the allegations as false.

These incidents highlight ongoing cybersecurity challenges faced by industries worldwide, underscoring the need for robust defenses and swift responses to cyber threats.

The post Update on ransomware attacks on NHS, AMD and CDK Global appeared first on Cybersecurity Insiders.