BlackSuit Ransomware Gang Behind Massive Cyber Attack on CDK Global

Written by Gabby Lee

June 25, 2024

BlackSuit Ransomware Gang Behind Massive Cyber Attack on CDK Global

The BlackSuit Ransomware Group is Held Responsible for Ongoing Outages and Disruption at Automotive SaaS Provider

Intelligence sources have revealed that the BlackSuit ransomware operation is responsible for the ongoing CDK Global Cyber Attack, a major provider of software services to the automotive industry.

According to details provided under condition of anonymity, the BlackSuit threat actors deployed ransomware which forced CDK Global to shut down all IT systems and data centers to isolate the intrusion. This initial response has caused major outages impacting thousands of dealerships that rely on CDK’s platforms.

CDK Cyber Attack Update: CDK Attempted to Restore Systems but Was Foiled by Second Incident

When trying to restore services on June 22, CDK Global suffered another cybersecurity incident, requiring further shutdowns. Two public dealership companies, Penske Automotive Group and Sonic Automotive, confirmed disruptions to their operations due to the CDK outages in US SEC filings.

Sources now reveal that CDK Global is currently negotiating directly with the BlackSuit ransomware group in hopes of obtaining a universal decryptor and ensuring stolen data is not leaked publicly.

BlackSuit Ransomware: An Illustrious Criminal History

BlackSuit is believed to have evolved from the infamous Royal ransomware syndicate, tracing its origins to the once formidable Conti cybercrime organization. Since its rebrand in mid-2023, BlackSuit has compromised over 350 global targets, demanding over $275 million in ransoms according to FBI and CISA advisories.

Car Dealerships Resort to Manual Workarounds

With CDK’s systems remaining down, car dealers have had to switch completely to offline paperwork methods. Car buyers have reported an inability to purchase vehicles or receive service due to the outage at some franchises nationwide. The CDK ransomware attack is yet another example of why enterprise businesses must bolster security or risk enduring further devastating ransomware attacks from experienced criminal cartels such as BlackSuit in this high-stakes cyber environment.

Related Articles

Stay Up to Date With The Latest News & Updates

Join Our Newsletter


Subscribe To Our Newsletter

Sign up to our weekly newsletter summarizing everything thats happened in data security, storage, and backup and disaster recovery

You have Successfully Subscribed!