RSM has urged car dealers across the UK to prioritise enhanced cyber security in response to increasing concern around the number of cyber-attacks across the sector.

Its advice comes just weeks after AM100 PLC Pendragon revealed that it had become motor retail's latest victim of hackers, with reports suggesting the car retail group had been issued with a $60 million (£53m) ransom demand.

While The Times reported that Pendragon had remained defiant, refusing to take part in discussions about payment and instead taking steps to ramp up the protection of its IT systems, RSM points out that car retailers need to minimise their vulnerability to attacks.

Sheila Pancholi, RSM’s technology risk assurance partner, said: “The cyber threat landscape is ever changing; we live in an increasingly interconnected world. Whilst this affords us the benefit of accessing data and resources using a multitude of devices and from remote locations, it also provides a much larger attack surface.

“Since the onset of the COVID-19 pandemic, we have seen an increased number of staff working remotely and from personal devices.

“IT departments rushed to provide remote additional access to resources and looked to third parties for cloud computing, simplifying remote access to systems, and providing effective capacity management.

“As a consequence, there are many more routes to data, more data traversing the public internet, and people accessing emails from both corporate and personal devices.”

Highlighting a further risk posed by increased home working in the post-pandemic period, Pancholi added: “We have an increased use of Internet of Things (IoT) devices such as home smart printers and smart speakers, which are all connected to home wireless networks but not subjected to corporate security policies.

“These devices allow less secure access to the extended network that is no longer just corporate infrastructure, it now extends into the homes of staff.”

To put Pancholi’s observations into context, RSM revealed the following cyber statistics:

  • 95% of cybersecurity breaches are caused by human error (Cybint).
  • On average, only 5% of companies’ folders are properly protected (Varonis).
  • 86% of breaches were financially motivated and 10% were motivated by espionage (Verizon).
  • 45% of breaches featured hacking, 17% involved malware and 22% involved phishing (Verizon).

In a recent guest opinion written for AM, Bernard Montel, EMEA technical director and security strategist at Tenable, revealed how connected EVs had increased the sector’s vulnerability to cyber crimes.

RSM said that businesses’ cyber security risks are often exacerbated by an inherent lack of security and awareness training as well as a lack of critical cyber controls.

Alison Ashley, RSM’s head of motor retail, said: “We have seen a worrying flurry of headlines related to serious instances of cyber-attacks in the sector.

“Cyber criminals are indiscriminate of sectors or size of businesses, and there are undoubtedly many more instances which are not in the public domain.

“Dealer groups of all sophistication and size need to regularly review and test their IT infrastructure’s resilience to attack.” 

Pancholi added: “Often when conducting cyber security due diligence we come across a number of serious vulnerabilities for ransomware including out of date server operating systems, ineffective patch management and lack of password controls.

“Other problems arise through a lack of security and awareness training, privileged access issues, and non-secure backup procedures or controls.

“To mitigate risk, dealers need to ensure a governance strategy and organisation is in place, apply a framework for benchmarking and gap-analysis, conduct threat modelling and testing and carry out digital footprint mapping.

“The main area of focus for dealers should be breach readiness preparation, and getting their incident response capabilities prepared for the ‘when’ not ‘if’.”