Is This The CDK Hacker? Is This The Future of Car Sales? Is This Chick-Fil-A Child Labor?

June 24, 2024
There’s light at the end of the tunnel this Monday as CDK starts the restoration process of its DMS. Today, we discuss the identity of their hacker, give an update on the Hyundai-Amazon partnership and look at a Chick-Fil-A summer camp that has the internet in an uproar.
Listen On
Apple Podcasts IconSpotify Icon

Show Notes with links:

As of this weekend it was reported that CDK Global has initiated the restoration process following crippling cyberattacks referred to as a ransom event. This process, expected to take several days, has left dealerships across the U.S. and Canada struggling to operate normally. Meanwhile, we have a potential glimpse into who did it. 

    • The restoration process for major applications for the over 15k dealerships affected  is expected to take several days, meanwhile dealerships have been busy re-innovating using manual processes to continue operations.
    • Meanwhile, a report by bleepingcomputer.com over the weekend claims to know the hacking group responsible citing the same inside anonymous sources that have been providing accurate information throughout the entire situation
    • BlackSuit launched in May 2023, believed to be a rebrand of Royal ransomware.
    • Royal Ransomware, and BlackSuit, are successors of the notorious Conti cybercrime syndicate.
    • The rebranding followed an attack on the City of Dallas, Texas, with Royal disappearing thereafter. FBI and CISA linked Royal and BlackSuit, noting similar tactics and coding, and associated Royal with over 350 attacks and $275 million in ransom demands since September 2022.

    Hyundai Motor America is encouraging more dealers to join its Amazon retail program ahead of its consumer launch later this year.

    • Randy Parker, Hyundai’s U.S. CEO, updated dealers on the program's progress, enabling shoppers to buy a Hyundai online.
    • An email from Hyundai offered interested dealers the chance to sign up via an online portal without commitment, touting benefits like access to millions of shoppers and the potential for incremental sales.
    • The beta phase received positive feedback from both customers and dealers, with Amazon continuing to test and refine the online vehicle shopping experience.
    • However, Amazon's onboarding capacity is limited, raising questions about prioritization.
    • Don Hall, president of the Virginia Automobile Dealers Association, expressed concerns about trade-ins and leasing: "We don't want to see this car sold off to outside folks who sell used cars online. It's not a small point, it's a big point."

    The introduction of a $35 “Chick-fil-A Summer Camp” for children aged 5 to 12 at a Louisiana location sold out quickly but faced criticism on social media.some text

    • The camp offers a behind-the-scenes look at working at Chick-fil-A, with sessions running for three hours over nine days in July.
    • Attendees receive a kid’s meal, T-shirt, name tag, and snack, and spend time with “Team Leaders” and the Chick-fil-A cow mascot.
    • Chick-fil-A representatives clarified that the children will engage in activities with employees acting as counselors, not performing staff tasks.
    • The camp has sparked backlash on social media, with accusations of promoting child labor, while supporters praise it for teaching work ethic and responsibility.
    • Mike Rowe, host of “Dirty Jobs,” defended the camp, emphasizing the importance of teaching kids soft skills critical for their development.

    Paul J Daly: 0:00

    Yo yo, Monday, June 24. Man I was down and out last week feeling myself again this morning. Welcome back. Oh, we got a lot of development see Kay hacker do we know actually who it is now, talking also about a few other things. Future car sales, Chick fil A and child labor. Today's today's the day we're just going to try and let's be as sensational as we can. Right we're gonna try to turn over a new leaf instead of instead of just being a little more rational and measured. We'll just go sensational headlines. How's that?

    Kyle Mountsier: 0:45

    Yes, I like the sensationalism. Every once in a while. We'll we'll bring it. Nathan, producer just dropped in our show notes. You said Paul was as offline as the CDK DMS to do? I don't know.

    Paul J Daly: 0:58

    I was. I still don't know who would have felt worse. But I was I was. I was full on not myself.

    Kyle Mountsier: 1:06

    I can guarantee you CDK felt worse than you did on on Friday. Yeah,

    Paul J Daly: 1:10

    they wish they just have my situation. Right.

    Kyle Mountsier: 1:12

    That's it. Everybody in the executive code. Give me a hard code.

    Paul J Daly: 1:17

    Give me the ability to like, be in bed for a minute. Right? Yeah, like that. So hey, the live stream we had a live stream last Friday. I actually watched it. Like in fetal position in bed. I hadn't like propped up next to me and I was watching you do the live stream? It you did such a great job. Ah, single hosting, right? No co hosts going in with the old monologue. Dude, that's old school that reminded me I was like, this is just like the original Sony stuff. It was man that his desk right? The only thing you were missing was a pen.

    Kyle Mountsier: 1:50

    I know. Right? I just have a little pan.

    Paul J Daly: 1:54

    Yeah, you had a little bit of a more of a handle on the situation than we did back then. I think little more confidence. But either way, I'll throw that back up. Nathan, we did have a live stream, you can go back and watch it. Basically, when this hit, we started coordinating getting dealers and industry partners together to share best practices about what they were doing. Some great stuff came out of that you can go back now and watch it. The link is in the show notes. I'm trying to think the best. The other best way to get to that. I mean, it's on our YouTube page. So today.

    Kyle Mountsier: 2:26

    It was actually if you go to ASOTU.com forward slash outage resources, perfect outage resources. It's linked there along with a series of other resources that industry partners across the industry have sent us as far as like articles, tips, free option opportunities, different sorts of documents that you that you can provide your team. So like it's all listed out there@asotu.com forward slash and

    Paul J Daly: 2:56

    there was a heck of a list too. Right. We had a we had dealers Daymond Lester Allen Bradley and Brian Kramer on. We had Dan shine automotive news on Todd kupuna. We had a lot of people just sharing a broad variety of things. And the resource list you know, we got your back. And now because we did it on Friday, like you can watch it at 1.5 speed Well,

    Kyle Mountsier: 3:16

    easy podcasts on on Yes,

    Paul J Daly: 3:20

    absolutely. Absolutely. What else we're doing a webinar this week two of the 26th. So Wednesday coming in hot with a webinar. It's as smooth as smooth edge webinar. So real quick shot 2030 minutes, having a lot of fun while we're learning a few things called we reawakened in your dealership with our friends at activator, probably kind of timely actually. We have Bobby Goudreau, Mike Whitlow of activator and Jake Blair, who's the GM of Tim doll, Mazda southtowne. basically talking about strategies get this to rebuild trust and adapt to new customer behaviors.

    Kyle Mountsier: 3:52

    It's never ending always got to do it.

    Paul J Daly: 3:54

    It's a good good time to lean into that stuff. For sure. You can get that but also going to asoto.com and just scroll for a second or maybe it's even above the fold. Now you just click on it. Join us, you'll get the recording. You can be there in person. It's fun to be in person because you can ask live questions and try to mess us up.

    Kyle Mountsier: 4:13

    Try messed up. Oh, segway Thank you.

    Paul J Daly: 4:19

    Hey, yo, we needed a strong segway coming back into life here. So after as of this weekend, we all kind of have been following and watching the news at CDK. Global has initiated the restoration process. So it looks like we are on the tail end. We don't know how long it's going to be following the crippling cyber attacks referred to by them over the weekend as a ransom event. So a little a lot more information actually at this point. The process is expected to take several days as they restore data restore systems and try to bring dealers some relief. Basically dealers have been all over re innovating how to do the thing how to sell cars how to do right Oros Um, meanwhile so this was sent to me by a dealer yesterday. Report from, I guess, I don't know we'll call it a nerd website called bleeping bleeping computer.com If they had a soundtrack, it would sound like how do I have the nerd alert one I haven't pressed in so long I used to have a nerd alert button. But basically a report by this website called bleeping computer.com claims to know the hacking group responsible for the hack, citing some anonymous sources that have also been providing them accurate data throughout this whole thing. Basically, the group is known as black suit. One word launched in May 2023. believe to be a rebrand of royal ransomware, which was in like a notorious hacker group. The Conte cybercrime syndicate said to have originated in Russia and European origins have hacked the city of Dallas, the FBI and the CIA SC have linked them to similar tactics, similar coding across all their encryption platforms and tide them over 350 attacks and over 275 million in ransom demands since September 2020 22. So that's what it seems to be right now. Right? Like we're reporting what it seems to be. Yeah, nothing

    Kyle Mountsier: 6:13

    has come out. And I mean, there was some speculation on the same group that did the MGM attacks last fall, as well. So there's still a lot of speculation. Apparently, CDK global has paid the ransom in order to complete the restoration process. There were some, like deep blog threads and even Reddit threads on on this over the weekend. So still a lot to come out from official news. But it seems like things are in progress. And we're probably a couple few days away from CDK, restoring a lot of dealership operations. So still a little bit of time to be had until we get kind of full up and running. But seems like things are on a good path. But man, what week?

    Paul J Daly: 6:58

    Well, I think there's gonna be a lot of new conversations started as a result of this around security. I mean, I've heard you talk about security, especially as we talk to work with some public groups and things like this, you talk about these layers of security, and how important they are. And, you know, for me, I'm like, Yeah, that sounds important. But I think people like me who were like, Yeah, it sounds important, like two weeks ago, or like, Tell me more?

    Kyle Mountsier: 7:21

    Well, I mean, you even on Friday, I got an email from NADA, saying that they had had some email hacking happening. And so some some people have gotten into email. So that was that was a new one. Yeah, this is when you look at auto, right? Because auto we, we don't recognize this. But really, we are financial institutions when it comes to the available data. So when you when you look at auto, it's very, very similar to like an Equifax or TransUnion. In the amount of data that is held. And a lot of the data is is held by third parties. It's held by contracted entities. And and the the scary thing for me is, is that so many dealers are being brought into this world of like having a hosted CDP or having their own internal CDP. And and the recognition of what that demands of burden. Yes, from a data security perspective, has to be there. Because these platforms have to bake it in your employees have to know what they can download and not download email and not email. You know, I wouldn't be surprised if you start seeing dealer groups adapt thing like things like ISO and or sock two, because they really are software companies. I feel

    Paul J Daly: 8:43

    it's for the people who don't know, can you explain ISO and sock two? Yeah, so they're basically SOC two, by the way. Yeah. So

    Kyle Mountsier: 8:49

    So yeah, so it's, it's it's essentially two different ways of looking at your data storage policies, as well as like your data communications and login policies, where you can be logged in where you can't be logged in what data you can store locally, or in clouds, what your password management solutions are, what's your even device management, messaging, communications, and it all rolls up into policies that have to be clearly communicated and audited on a biannual basis. And so like that type of rigor that software companies like a CDK, or Reynolds or, you know, any of these larger companies actually go through, are now going to probably be put into the dealers hands because that level of data scrutiny is going to be is going to be right on these larger, consolidated groups. A

    Paul J Daly: 9:37

    lot of times we see these these types of Wake Up Calls lead to overall better security, overall better experience moving in the future. Unfortunately, we had to learn it this way. And still our best wishes and all the support to our friends at CDK. And any dealer who's on the platform that we can help with. Please if there's nothing in the resource center, if you need a connection, you need an introduction. You need some ideas, whatever, reach out Through at ASOTU.com. If you have our information just reach out directly and speaking to going direct. Hey, oh, just hit me Hyundai Motor America is encouraging more dealers to join its Amazon retail program ahead of its consumer launch later this year. If you remember, they've just been allowing the platform to be open to employees, Randy Parker, Hyundai's us CEO updated dealers on the program's progress enabling shoppers to buy a Hyundai completely online on the Amazon platform. Basically, the email offered interested dealers, this isn't a guarantee of they'll be part of the program a chance to sign up via the online portal without a commitment touting benefits like access to millions of shoppers, and potential for incremental sale sales. Basically, the beta phase has gotten a lot of positive feedback from consumers and dealers with Amazon continuing to test and online the experience again with employees. However, they did say Amazon's onboarding, onboarding, capacity is limited, saying like how we're going to prioritize which dealer gets on the platform, Don Hall, our friend Don Hall, the president of the Virginia Auto Dealers Association expressed concerns about trade ins and leasing, saying, quote, We don't want to see this car sold off to outside folks who sell used cars online. It's not a small point. It's a big point.

    Kyle Mountsier: 11:22

    What are you getting into trades? Yeah, well, you know, in some early conversations I've had with some people that are close to this is that a lot of the transactions to date have been fairly cut and dry, fairly, you know, mid, mid high to high credit, you know, not a complicated trade situation. And so, you look at the scenarios that happen in a control group, compared to scenarios that happened in a broad consumer base. It's going to be interesting to see whether they can scale this up. And then also Yeah, what things like trades, where do they go? How do you make sure that it's done in a locale that makes sense for the dealership? From a both a delivery and a trade standpoint? For states that require deal box? How does that get get moved down? So still a lot of question marks around this, I you know, this this, to me is just a sales channel at this point that dealers can opt into or not and it's and it's really at the end of the day it is it is a higher value, qualified lead, right? That that you're getting yourself into and the the the level of transaction capacity that they get to with partners that are already in auto is yet to be determined but it's still just a decision you want to channel or not

    Paul J Daly: 12:45

    to high profile decision and we'll see what what comes of it. Hey, if you're watching the live stream today just want you to know we do release a daily newsletter you can go to us Oh to ASOTU.com get the free daily newsletter. It's a great quick read every morning summarizes the News gives you a few things you probably weren't thinking about more importantly connects you with 1000s of other people in the industry, who believe kind of what's on the shirts love people more than you love cars. That's how we all get better. All right. Speaking of I don't know how to I don't even know how to transition this one. Alright, I'm not gonna do a transition. Now speaking of child labor.

    Kyle Mountsier: 13:25

    So the introduction of a $35 that's all just a little bit more than a Happy Meal these days. Chick fil A summer camp for children aged five to 12 at a Louisiana location sold out home quick, but faced some criticism on social media. Okay, so Chick fil A is offering this new camp that offers a behind the scenes look at working at Chick fil A with sessions running for three hours over nine days in July. So it's like summer camp at a at a restaurant sounds amazing. Attendees receive a kid's meal, a t shirt, a nametag a snack, and you get to hang out with team leaders and none other than the Chick fil A mascot. That's fair. None of these kids are going to be in. Chick fil A representatives did clarify that the children will engage in activities with employees acting as counselors Yep, not performing staff tasks. The campus guard sparked a bunch of backlash on social media with accusations of promoting child labor. While supporters praise it for teaching work ethic and responsibility. Even Mike Rowe got in on the action, the host of Dirty Jobs. He defended the camp emphasizing the importance of teaching kids soft skills critical for their development.

    Paul J Daly: 14:38

    Okay, so there's some people I saw like an informal poll. People say like is this exploitation? I have no idea what world this feels like exploitation, because if I'm a parent, first of all, I'm a parent. And I already paid attention to Chick fil A My kids love it. They're paying me they'll take $35 In my money and they will keep my child occupied for a full morning, and the kids gonna come home happy and excited. I'm all in. Right like first. Secondly, teaching kids these skills and like for something they're already interested in, like, I my kids were like, What do you want to do? They're like, it's so cool to be a cashier at a grocery store. Right? I don't know if they still make the toys when I was a kid, like we had those toys, right? The little checkout Beep beep beep right. So I'm all for this. I think this is a great brilliant play by Chick fil A to get kids more interested in something they're already interested in and cultivate that young workforce that they need to keep going. providing those kids with a great environment to work in. I think auto dealers can take a cue from this. Because dealers, cars are exciting places. There's a lot of visual stuff kids are interested, like, and you don't even have to charge the 35 bucks.

    Kyle Mountsier: 15:49

    Now, I get a man who is having an awesome car. Well, and here's the thing, like when I look at this, you think about like Space Camp and all of these camps that kind of like promoted

    Paul J Daly: 15:58

    investment. 80s By the way, Oh, absolutely. But

    Kyle Mountsier: 16:02

    promoting career paths through through interactive learning as a kid, absolutely a way to go. And I saw I think, yeah, dealers, take a take a cue from this. Get some kids and, you know, learning from what's going on in a car dealership. Let's go. There

    Paul J Daly: 16:19

    you go. I feel like that felt like a healthy Monday show. If you showed up late and you want to know who the CDK hacker is, you're gonna have to like go back to the beginning of the show. Sign up for the email ASOTU.com Thanks for being here with us today.

    Get the daily email that makes reading the news actually enjoyable. Stay informed and entertained, for free.