Skip to content
Longterm Wiki
Back

Anderson Economic Group

web
gmauthority.com·gmauthority.com/blog/2024/07/cdk-cyberattack-dealer-losse...

Useful as a real-world case study of economic harm from cyberattacks on concentrated software infrastructure; tangentially relevant to AI safety discussions around deployment risks, systemic dependencies, and critical infrastructure vulnerabilities.

Metadata

Importance: 22/100news articlenews

Summary

This resource covers the Anderson Economic Group's analysis estimating that the 2024 CDK Global cyberattack caused approximately $1 billion in losses to automotive dealerships. The attack disrupted dealer management software used across thousands of US car dealerships, illustrating the cascading economic impact of ransomware attacks on critical commercial infrastructure.

Key Points

  • The CDK Global cyberattack in mid-2024 disrupted dealer management systems used by approximately 15,000 car dealerships across North America.
  • Anderson Economic Group estimated total dealer losses at roughly $1 billion due to operational downtime and lost vehicle sales.
  • The incident highlights systemic risk from software supply chain concentration, where a single vendor outage cascades across an entire industry.
  • Ransomware or extortion-style attacks on software-as-a-service providers can paralyze dependent businesses even without directly targeting them.
  • The case illustrates the economic magnitude of cybersecurity failures in critical commercial infrastructure beyond traditional government/utility sectors.

Cited by 1 page

PageTypeQuality
Cyberweapons RiskRisk91.0

Cached Content Preview

HTTP 200Fetched Mar 20, 202616 KB
![](https://gmauthority.com/blog/wp-content/uploads/2020/05/Chevrolet-dealer-in-Argentina-exterior-01-850x567.jpg)[5](https://gmauthority.com/blog/2024/07/cdk-cyberattack-dealer-losses-estimated-at-1b/#comments)

A recent series of cyberattacks on CDK Global, which provides dealer management system (DMS) services to auto dealerships across the U.S., has led to nearly $1 billion in losses to those vehicle dealers, according to the latest estimates by data analysis and consultancy firm Anderson Economic Group LLC.

Anderson [reports](https://www.andersoneconomicgroup.com/dealer-losses-due-to-cdk-cyberattack-to-reach-944-million-in-first-three-weeks/) that the cyberattacks, which consist of ransomware attacks against car dealerships using CDK software, caused direct losses of $944 million to the affected dealers during the initial three weeks.

[![A Buick GMC dealer likely affected by the CDK Global shutdown.](https://gmauthority.com/blog/wp-content/uploads/2017/01/Buick-GMC-Dealer-720x350.jpg)](https://gmauthority.com/blog/wp-content/uploads/2017/01/Buick-GMC-Dealer.jpg)

Automotive sales at the roughly 15,000 dealerships targeted by the attacks against CDK fell by 5 percent in June as a result of the incident. Losses during the week ending on June 22nd, 2024 amounted to approximately $284 million, increasing to $321 million during the week ending June 29th and then $339 million for the week of July 6th.

The losses include lost sales and service income as customers took their business elsewhere when attempted purchases or repair orders were delayed by software problems. They also include other expenses related to the cyberattacks, such as paying ransoms to the hackers, hiring software professionals to try to bypass the cyberattacks and get systems back online, and interest paid on inventory.

[![A lineup of GMC Sierra trucks at a dealership.](https://gmauthority.com/blog/wp-content/uploads/2022/02/GMC-Sierra-Lineup-GMC-Dealer-001-720x486.jpg)](https://gmauthority.com/blog/wp-content/uploads/2022/02/GMC-Sierra-Lineup-GMC-Dealer-001.jpg)

The attacks [began](https://gmauthority.com/blog/2024/06/cdk-global-cyberattack-causes-dealer-management-system-shutdown/) early in the morning on June 19th, 2024, with CDK Global responding by shutting down its dealer management systems to protect its dealer customers from direct effects by the ransomware. DRIVE, Fortellis, and Modern Retail CRM were major components of the CDK suite affected by the attack and subsequent precautionary shutdown.

The hackers, probably located somewhere in Eastern Europe, [demanded a ransom](https://gmauthority.com/blog/2024/06/cdk-management-system-shutdown-continues-as-hackers-demand-ransom/) of tens of millions of dollars from CDK in exchange for ceasing the attacks. The also launched a second cyberattack five days after the first, prolonging the system shutdown. Many dealerships started using the much less efficient method of writing pen-and-paper vehicle orders. Finally, the so

... (truncated, 16 KB total)
Resource ID: c47b8b61c9cc30ba | Stable ID: MDBhMjc1Yz