NHADA | Blog

Crowdstrike Outage Aftermath - Action Required and Upcoming Webinar

Written by National Auto Dealers Association (NADA) | Aug 1, 2024

🔘 Upcoming NADA Webinar August 6th – Protect Your Dealership After CDK, CrowdStrike, and Knowbe4: Handling FTC Compliance, Liability & Cybersecurity - Register Now


Urgent Action Required to Counter Cybercriminals Exploiting Auto Dealers from CrowdStrike Outage

In the wake of the recent global CrowdStrike outage, cybercriminals are seizing the opportunity to target automotive dealerships with sophisticated phishing attacks. Bad actors are crafting counterfeit domains that mimic CrowdStrike's (see additional info below), deceiving dealers into believing they are in communication with CrowdStrike corporate.

The danger lies in the simplicity of the deception: it only takes one employee misled by these fraudulent communications to open the door to malware. Successful breaches can lead to ransomware attacks that seize control of dealership systems, denying access until a ransom is paid.  

Black Breach, a cybersecurity firm specializing in the automotive dealership industry, recommends dealership IT resources to promptly block these identified counterfeit domains, whether or not they are current users of CrowdStrike services, listed in the link below. 

Additional Info
For a detailed breakdown of this attack, an example of a CrowdStrike phishing attack already identified, and to access an updated copy-and-paste list of the known fraudulent domains, click here

To RSVP for the upcoming NADA webinar on August 6, featuring Black Breach's discussion for dealerships on cyber threats, the legal liabilities they pose, and FTC Safeguards compliance, click here.

Federal government resources related to the CrowdStrike outage are available here