Posted by Anne-Marie Avalon
July 8, 2024
In late June of this year, CDK Global, a key software provider for the automotive industry, suffered a severe ransomware attack. This event not only disrupted thousands of auto dealerships across North America but also underscored the dangers of relying on outdated legacy systems. While Akeyless Security specializes in safeguarding enterprise secrets and identities, this attack highlights the broader need for resilient, modern cybersecurity technology.
The Anatomy of the CDK Global Attack reveals a chilling timeline of events that plunged the company into chaos.
On June 19, 2024, the initial ransomware attack by the BlackSuit gang occurred, leading to a shutdown of IT systems. A second cyberattack followed the next day. The restoration process started on June 22, with full recovery expected by early July. This sequence illustrates the severe disruption, affecting approximately 15,000 dealerships and causing significant setbacks in vehicle sales, financing, repairs, and overall operations.
Understanding the tactics of the BlackSuit ransomware gang uncovers why they are a formidable adversary for enterprises.
This group uses double extortion tactics, demanding high ransoms while threatening to release sensitive data. They target critical sectors like healthcare, education, IT, government, retail, and manufacturing to maximize their impact. Known for sophisticated attack methods, including phishing and exploiting software vulnerabilities, the BlackSuit gang has rapidly escalated its threats since emerging in April 2023.
The Root Cause: Reliance on Legacy Systems
CDK’s reliance on outdated technology was the root cause of the attack’s success. According to Kathi Kruse in her article on Medium, CDK Global’s system integrated outdated technologies and had not seen significant upgrades for decades. This created security gaps and inefficiencies, leaving it vulnerable to attacks. The system’s age, lack of innovation, outdated security protocols, inadequate backup and recovery plans, single points of failure, and fragmented infrastructure all contributed to its downfall.
Modern Solutions for Modern Threats
The threat of ransomware is not just a theoretical risk but a financial reality, projected to cost the world $265 billion by 2031. Cybersecurity Ventures highlights this impending crisis, underscoring the urgency for enterprises to update their cybersecurity strategies. The CDK Global attack serves as a stark reminder that outdated systems cannot counter the sophisticated tactics of modern cybercriminals.
By genuinely embracing just-in-time least-privilege credentials, your organization can shift its security culture. This approach treats credentials as ephemeral, significantly hindering attackers’ ability to move laterally within the network. It creates a dynamic security environment that adapts to threats in real time, reducing the risk of breaches and insider threats.
Akeyless helps enterprises avoid the pitfalls of outdated technology by providing trusted, modern solutions for protecting secrets and identities. Using its Unique Machine Identity functionality, Akeyless can secure and rotate secrets even for legacy and on-prem systems. The Akeyless platform ensures sensitive credentials are securely managed, automates secrets lifecycle management, and provides unified secrets management across cloud and on-premises environments. Akeyless’s Vaultless® Secrets Management, powered by Distributed Fragments Cryptography (DFC), offers enhanced security by ensuring encryption keys are never stored as whole entities, significantly reducing the risk of data breaches and preventing unauthorized secret decryption.
A Path Forward
The CDK Global cyberattack underscores the urgent need for enterprises to modernize their cybersecurity measures and adopt the use of just-in-time least-privilege credentials. By investing in up-to-date technology, developing robust incident response plans, enhancing data protection strategies, and regularly auditing security practices, enterprises can significantly reduce the risks posed by modern cyber threats. This proactive approach is essential for maintaining operational integrity and protecting sensitive information.
Adopting modern solutions like Akeyless is a necessary and surprisingly easy step to stay ahead in the cybersecurity game. Transitioning from legacy systems to our Vaultless® Secrets Management addresses key challenges in security, integration, and scalability, and Akeyless can also secure legacy systems that have been traditionally left vulnerable. The migration process to Akeyless is streamlined, and Akeyless requires minimal setup due to our SaaS model, which eliminates the need for extensive infrastructure or complicated deployments.
Consider the example of Cimpress, a global enterprise that significantly benefited from adopting Akeyless. Conor Mancone, Principal Application Security Engineer at Cimpress, shared their positive experience: “We set Akeyless up 9 months ago and we haven’t had to worry about credential rotation. We haven’t had to worry about credential leakage. All of our software that’s running it just works — we haven’t really had to think about it since then. It’s been a really smooth, really easy process.” It is notable that only with Akeyless was Cimpress able to rotate credentials for its on-prem industrial printers, closing a crucial security gap.
Ensure your technology and security practices are future-proofed and don’t get burned with legacy technology. Get started with a demo today!