CDK Global, a company that provides software for thousands of auto dealers in the U.S. and Canada, was hit by back-to-back cyberattacks Wednesday. That led to an outage that has continued to impact operations.
For prospective car buyers, that’s meant delays at dealerships or vehicle orders written up by hand. There’s no immediate end in sight, but CDK says it expects the restoration process to take “several days” to complete.
I was about to comment similarly.
This is why I always advocate against cloud and “always connected” services for critical line-of-business software (and software for personal use, but that’s a slightly different but also similar argument).
I’m unclear if CDK is a cloud service that’s offline for customers, but it sure sounds like it. The other possibility is a supply-chain attack which affected local installs, such as what happened with SolarWinds a few years ago, but with that many dealerships being simultaneously affected by CDK shutting down their systems, it seems more like the former.
In an ideal world, that would be the case. But as is often the case with niche business software, there’s usually only a few players (if that many), and any newcomers are either bought out or can’t compete.
Isn’t that monopolistic though? I realize this is a pipe dream, but wouldn’t it be theoretically possible to use the law to stop that?
I don’t know much about the market for car dealership software, but I work for a non-profit that deals with environmental remediation. Finding LOB software that meets our needs is an absolute nightmare because it’s so niche. What we can find is either crazy expensive, doesn’t do what we need it to do, is from some terrible fly-by-night vendor, or some combination of those. So when you do find something that mostly meets your needs, you pretty much have to take what you can get.
The government can incentivize or contract out companies to write software, but AFAIK, they can’t compel any company to do so. IANAL, but I would also assume they’d need to stop approving any M&As that may be contributing to market consolidation
You basically nailed it with “pipe dream”.
I guess the only other option would be for the companies to write the software themselves, which they don’t have the time or the money to hire people to do, I’m sure.
Right.
In reality, we’d end up with about a million Access “databases” (or Excel files) getting emailed around, lost, stolen, corrupted, etc (ask me how I know that lol).