Cybercrime: risks motor trade businesses can't ignore

Digital technologies in the motor trade industry speed up operations, for example, enabling greater efficiency in sales completions, vehicle services and repairs. However, this also makes the industry vulnerable to cybercrime.

The close relationships motor trade businesses have with clients and suppliers puts them at significant risk of hacking and ransomware. Accessing data from one company can open up opportunities for cybercriminals to extort others.

This data loss could have high-cost implications, including fines and compensation claims.

Recently, a nationwide chain of motor dealerships was the victim of a cyberattack. Although creating widespread disruption, the company's swift response protected customers' data, systems and third-party partners. Thankfully, there were no reports of customer information being compromised.

However, the recovery has been described as a 'mammoth task', working with their security partners to undertake an extensive review of their entire IT network and infrastructure.

Similarly, a cyberattack on a car dealership group which has 23 locations across the Midlands and north-west of England  left some of their core systems 'damaged beyond repair' or 'permanently deleted' last year. Customer data was also fortunately not compromised in this case.

These companies are not alone, but both cases highlight the need for motor trade businesses to have stringent cybersecurity measures in place and ensure they're being followed correctly.

In the 2023 Cyberthreat Defense Report, a recent study by security experts CyberEdge found that in the UK, 74.7% of organisations had experienced a cyberattack in the past twelve months.

It's not just large companies that attract cyberattacks, smaller ones are just as vulnerable. In fact, businesses of every size are being targeted.

Responding to a cyber attack

Knowing how to respond if your business falls victim to a ransomware attack or data breach will lessen the impact on your business. A fast response is essential to protect your business, customers' and suppliers' data.

The General Data Protection Regulations (GDPR) state all organisations must report certain personal data breaches to the Information Commissioner's Office (ICO). This needs to be done within 72 hours of becoming aware of the breach, where feasible.

Here are some tips to ensure your motor trade business is cybersecure:

• Ensure your employees use strong and unique passwords, and preferably multi-factor authentication.
• Arrange training sessions for staff to help them identify phishing emails.
• Implement and enforce regular data backup and restoration processes.

If you haven’t already then speak to your broker about arranging cyber liability insurance, and for advice on how you can manage the risks associated with cybercrime.