1
00:00:03,120 --> 00:00:07,480
Speaker 1: Bloomberg Audio Studios, podcasts, radio news.

2
00:00:08,640 --> 00:00:11,680
Speaker 2: Deborah Griffith has been working with car dealerships on and

3
00:00:11,720 --> 00:00:15,960
Speaker 2: off for over forty years, processing warranty claims. A few

4
00:00:16,000 --> 00:00:19,000
Speaker 2: weeks ago in mid June, she logged onto her computer

5
00:00:19,040 --> 00:00:21,599
Speaker 2: at work and noticed that a key bit of software

6
00:00:21,640 --> 00:00:25,840
Speaker 2: she uses, made by a company called CDK, had stopped working.

7
00:00:26,320 --> 00:00:29,280
Speaker 3: I've never experienced anything like that. I'm like, what in

8
00:00:29,320 --> 00:00:30,280
Speaker 3: the world is going on.

9
00:00:32,159 --> 00:00:35,559
Speaker 2: CDK is used by an overwhelming majority of dealers in

10
00:00:35,560 --> 00:00:40,120
Speaker 2: the country to track purchases, parts, and warranties. But CDK

11
00:00:40,320 --> 00:00:44,880
Speaker 2: had been offline for hours. Short outages weren't that unusual.

12
00:00:45,240 --> 00:00:48,080
Speaker 2: What was strange this time was that Deborah hadn't seen

13
00:00:48,120 --> 00:00:51,639
Speaker 2: an update from CDK about any upgrades or maintenance.

14
00:00:52,280 --> 00:00:56,760
Speaker 3: CDK has a service portal, and if something goes wrong nationwide,

15
00:00:56,760 --> 00:00:59,360
Speaker 3: they'll put a message on there, like like any website

16
00:00:59,400 --> 00:01:02,640
Speaker 3: you know works experiencing this outage, you know, and we're

17
00:01:02,640 --> 00:01:05,880
Speaker 3: working on it, you know, something like that, And there

18
00:01:05,920 --> 00:01:06,720
Speaker 3: was nothing there.

19
00:01:07,920 --> 00:01:10,960
Speaker 2: Eventually, Deborah got a call from one of her contacts.

20
00:01:11,240 --> 00:01:13,920
Speaker 3: He called me and he said, I just got a

21
00:01:13,920 --> 00:01:17,520
Speaker 3: call from CDK corporate. Everyone has to log out right

22
00:01:17,560 --> 00:01:19,600
Speaker 3: now and he goes, I mean, right now, there's something

23
00:01:19,640 --> 00:01:23,680
Speaker 3: going on. They've been hacked. You know, tell your bosses,

24
00:01:23,800 --> 00:01:26,200
Speaker 3: call your company and tell them everyone needs to log

25
00:01:26,240 --> 00:01:26,959
Speaker 3: out right now.

26
00:01:28,120 --> 00:01:31,560
Speaker 2: Activity at dealerships across North America ground to a halt

27
00:01:31,760 --> 00:01:34,920
Speaker 2: as CDK shut down its systems on June nineteenth in

28
00:01:34,959 --> 00:01:39,360
Speaker 2: response to the hack. Dealers couldn't access their inventory, buyers

29
00:01:39,400 --> 00:01:42,959
Speaker 2: couldn't get cars off the lot, and Deborah couldn't process

30
00:01:43,040 --> 00:01:47,319
Speaker 2: any warranty claims. Just how disruptive was this to the

31
00:01:47,400 --> 00:01:48,360
Speaker 2: work that you try to do?

32
00:01:49,080 --> 00:01:54,720
Speaker 3: Very absolutely, very very There's nothing, absolutely nothing I can do,

33
00:01:55,960 --> 00:01:56,920
Speaker 3: absolutely nothing.

34
00:01:59,160 --> 00:02:02,480
Speaker 2: Summer is a particularly important time for the car industry,

35
00:02:03,040 --> 00:02:06,560
Speaker 2: and in the middle of a crucial season, buyers, dealers,

36
00:02:06,600 --> 00:02:09,880
Speaker 2: and owners looking to repair their vehicles were left in

37
00:02:09,919 --> 00:02:14,000
Speaker 2: the lurch. Data out on Tuesday showed slowing growth for

38
00:02:14,160 --> 00:02:17,800
Speaker 2: US car sales. Toyota reported a dip of one point

39
00:02:17,840 --> 00:02:20,960
Speaker 2: two percent in June compared to last year, while Kia

40
00:02:21,040 --> 00:02:25,000
Speaker 2: saw a six point five percent decrease. Some companies that

41
00:02:25,120 --> 00:02:28,720
Speaker 2: reported their quarterly earnings saw slight jumps in sales in

42
00:02:28,840 --> 00:02:32,840
Speaker 2: Q two. For General Motors appoint six percent rise, but

43
00:02:33,040 --> 00:02:36,320
Speaker 2: that's compared to an increase of nineteen percent last year.

44
00:02:36,440 --> 00:02:38,240
Speaker 1: It's millions of dollars worth of sales.

45
00:02:38,520 --> 00:02:42,040
Speaker 2: Bloomberg Senior Technology editor Dana Wallman has been leading a

46
00:02:42,040 --> 00:02:43,880
Speaker 2: team that's been reporting on the hack.

47
00:02:44,160 --> 00:02:46,880
Speaker 1: I mean, even single car dealerships are saying that they've

48
00:02:46,880 --> 00:02:51,280
Speaker 1: lost millions of dollars in transactions. It really is. It's huge.

49
00:02:51,600 --> 00:02:54,880
Speaker 2: According to independent outlets, the group behind the hack is

50
00:02:54,960 --> 00:02:58,440
Speaker 2: known as Black Suit, and they reportedly demanded a ransom

51
00:02:58,560 --> 00:03:02,520
Speaker 2: of tens of millions, of a ransom that Bloomberg is

52
00:03:02,560 --> 00:03:06,880
Speaker 2: reporting CDK agreed to pay because the consequences of keeping

53
00:03:06,919 --> 00:03:11,079
Speaker 2: CDK offline for long would be devastating for the car industry.

54
00:03:11,560 --> 00:03:15,040
Speaker 1: It's last sales during a busy period, and I don't

55
00:03:15,080 --> 00:03:17,400
Speaker 1: know that all dealerships will be able to make that up.

56
00:03:20,440 --> 00:03:23,639
Speaker 2: Today on the show, how a sophisticated group of hackers

57
00:03:23,800 --> 00:03:27,120
Speaker 2: took down the car sales industry for a few crucial weeks,

58
00:03:27,639 --> 00:03:30,160
Speaker 2: What the road to recovery for dealerships will look like,

59
00:03:30,639 --> 00:03:34,280
Speaker 2: and where hackers might target next. I'm Sarah Holder, and

60
00:03:34,320 --> 00:03:41,360
Speaker 2: this is the big take from Bloomberg News. The software

61
00:03:41,440 --> 00:03:45,760
Speaker 2: company CDK Global is not exactly a household name, says

62
00:03:45,760 --> 00:03:48,400
Speaker 2: Bloomberg Senior Technology editor Dana Wallman.

63
00:03:48,640 --> 00:03:51,440
Speaker 1: CDK is not a company I'd heard of, admittedly, before

64
00:03:51,480 --> 00:03:53,920
Speaker 1: this story broke, I actually don't know how many of

65
00:03:53,920 --> 00:03:56,400
Speaker 1: my colleagues had heard of this, and I'm guessing a

66
00:03:56,440 --> 00:03:58,640
Speaker 1: lot of our readers had not heard of this company either.

67
00:03:58,960 --> 00:04:02,920
Speaker 2: But for car dealership across North America, the custom software

68
00:04:03,000 --> 00:04:05,760
Speaker 2: CDK provides is mission critical.

69
00:04:06,160 --> 00:04:10,120
Speaker 1: It's used to manage pretty much every aspect of their

70
00:04:10,200 --> 00:04:14,120
Speaker 1: day to day business, from scheduling appointments to tracking inventory

71
00:04:15,040 --> 00:04:19,880
Speaker 1: in addition to completing transactions. So without that software, business

72
00:04:19,960 --> 00:04:21,520
Speaker 1: would ground to a halt and.

73
00:04:21,520 --> 00:04:24,440
Speaker 2: Has Chances are if you've bought a car at a

74
00:04:24,480 --> 00:04:27,680
Speaker 2: dealership in the US, your data has gone through the software.

75
00:04:28,200 --> 00:04:31,880
Speaker 2: It's used by around fifteen thousand auto dealers in North America.

76
00:04:32,279 --> 00:04:35,599
Speaker 2: They do have competitors, but they clearly are the dominant

77
00:04:35,600 --> 00:04:41,000
Speaker 2: player in this very specialized field. According at least to

78
00:04:41,680 --> 00:04:45,640
Speaker 2: CDK itself, before this attack, the transactions that were being

79
00:04:45,720 --> 00:04:48,760
Speaker 2: done through the software accounted for something like two percent

80
00:04:48,920 --> 00:04:53,679
Speaker 2: of GDP for context, that's around five hundred and sixty

81
00:04:53,720 --> 00:04:58,560
Speaker 2: five billion dollars. This near monopoly makes CDK a healthy profit.

82
00:04:58,960 --> 00:05:02,279
Speaker 2: The company was acquired by the asset management company Brookfield

83
00:05:02,400 --> 00:05:05,080
Speaker 2: for eight point three billion dollars a little over two

84
00:05:05,120 --> 00:05:08,839
Speaker 2: years ago, but its status also makes the company a

85
00:05:08,960 --> 00:05:11,200
Speaker 2: vulnerable mark for a cyber attack.

86
00:05:12,400 --> 00:05:15,480
Speaker 1: It began on Juneteenth, a federal holiday in the US,

87
00:05:15,520 --> 00:05:17,680
Speaker 1: and it was a day that car dealers were expecting

88
00:05:17,720 --> 00:05:20,839
Speaker 1: to be a busy sales day during what is already seasonally,

89
00:05:20,880 --> 00:05:22,560
Speaker 1: mind you, a busy season.

90
00:05:23,080 --> 00:05:27,800
Speaker 2: That day, news broke that an experienced cybercrime operation called

91
00:05:27,839 --> 00:05:30,280
Speaker 2: black Suit, which we'll get into in a little bit,

92
00:05:30,680 --> 00:05:34,640
Speaker 2: had breached the CDK system that forced CDK to shut

93
00:05:34,680 --> 00:05:38,679
Speaker 2: down the system as they dealt with the disruption, CDK

94
00:05:38,800 --> 00:05:42,280
Speaker 2: has said it anticipates everything will be back online by Thursday,

95
00:05:42,440 --> 00:05:45,640
Speaker 2: the fourth of July holiday, but in the meantime, for

96
00:05:45,760 --> 00:05:49,239
Speaker 2: all the dealerships that rely on its service, losing access

97
00:05:49,240 --> 00:05:51,719
Speaker 2: to CDK has been like trying to work as an

98
00:05:51,720 --> 00:05:55,359
Speaker 2: Instagram influencer with Instagram down, or trying to make a

99
00:05:55,400 --> 00:06:00,320
Speaker 2: podcast during a slackoutage. It's extremely disrupt.

100
00:06:02,080 --> 00:06:05,119
Speaker 1: It either entirely or mostly brought business to a halt

101
00:06:05,120 --> 00:06:08,720
Speaker 1: at these dealerships. It wasn't just like they couldn't complete

102
00:06:08,760 --> 00:06:10,800
Speaker 1: sales of cars. We know that, but there are other

103
00:06:10,839 --> 00:06:12,560
Speaker 1: things that I didn't even think about that a car

104
00:06:12,640 --> 00:06:15,839
Speaker 1: dealership might be doing, like trying to swap inventory with

105
00:06:15,880 --> 00:06:19,839
Speaker 1: another dealer, for instance, maybe another dealer has a specific

106
00:06:20,560 --> 00:06:24,640
Speaker 1: configuration of a car that your customer wants. Another specific

107
00:06:24,680 --> 00:06:28,760
Speaker 1: example was the finding of replacement parts. There's a database

108
00:06:28,920 --> 00:06:32,360
Speaker 1: where you could look up parts for customers who need something.

109
00:06:32,880 --> 00:06:36,360
Speaker 1: Locating those parts is very hard when they're tracked online

110
00:06:36,600 --> 00:06:40,000
Speaker 1: or indexed online and you can't get to those systems.

111
00:06:40,160 --> 00:06:43,680
Speaker 1: Many of these dealerships were out of service and they

112
00:06:43,680 --> 00:06:46,159
Speaker 1: were either not serving customers or they were sort of

113
00:06:46,200 --> 00:06:49,719
Speaker 1: resorting to this old fashioned way of dealing with people.

114
00:06:49,680 --> 00:06:53,560
Speaker 2: And data does mean old fashioned. Workers at these dealerships

115
00:06:53,560 --> 00:06:57,760
Speaker 2: started handwriting contracts and logging oil changes on paper, and

116
00:06:57,800 --> 00:07:00,760
Speaker 2: a few had to rely on their intuition some pretty

117
00:07:00,800 --> 00:07:04,640
Speaker 2: critical decisions, like trying to gauge if buyers had good

118
00:07:04,760 --> 00:07:06,800
Speaker 2: enough credit to drive off with a car.

119
00:07:07,080 --> 00:07:11,280
Speaker 1: In a sense, just using their gut to make these decisions.

120
00:07:11,280 --> 00:07:14,400
Speaker 1: It would otherwise be driven by data, really and hard numbers.

121
00:07:14,680 --> 00:07:17,840
Speaker 2: Obviously, this has all been a huge pain for car

122
00:07:17,880 --> 00:07:21,960
Speaker 2: sellers and for CDK, which is now facing lawsuits from dealers,

123
00:07:22,120 --> 00:07:27,360
Speaker 2: repair shops, and customers. Those customers have something else important

124
00:07:27,400 --> 00:07:30,880
Speaker 2: on the line, all that personal data the hackers also

125
00:07:30,960 --> 00:07:35,760
Speaker 2: presumably got when they accessed cdk's systems. Should consumers be

126
00:07:35,800 --> 00:07:37,160
Speaker 2: worried about this hack at all?

127
00:07:37,400 --> 00:07:39,640
Speaker 1: I would be worried, and certainly in our reporting we've

128
00:07:39,640 --> 00:07:44,800
Speaker 1: found that customers themselves have express worry. We visited some

129
00:07:44,840 --> 00:07:48,480
Speaker 1: car dealerships in person and have found that, aside from

130
00:07:48,520 --> 00:07:52,280
Speaker 1: the fact that the hack brought these systems to a halt,

131
00:07:52,680 --> 00:07:55,960
Speaker 1: a more hidden impact of this hack is that customers

132
00:07:56,000 --> 00:07:58,760
Speaker 1: are now wary of buying a car. They have read

133
00:07:58,760 --> 00:08:02,360
Speaker 1: about this attack is the press and are a little

134
00:08:02,360 --> 00:08:06,480
Speaker 1: nervous about handing over data to car dealerships. So I

135
00:08:06,520 --> 00:08:09,240
Speaker 1: think beyond the question of should car shoppers be nervous,

136
00:08:09,280 --> 00:08:12,120
Speaker 1: they are nervous, and it is having a hard to

137
00:08:12,160 --> 00:08:16,560
Speaker 1: measure impact on car sales, even on top of the

138
00:08:16,560 --> 00:08:20,400
Speaker 1: fact that a slowdown in modern systems is making it

139
00:08:20,440 --> 00:08:21,320
Speaker 1: hard to transact.

140
00:08:22,160 --> 00:08:26,240
Speaker 2: Coming up after the break, it's not just cars. We

141
00:08:26,320 --> 00:08:29,400
Speaker 2: break down who is behind the CDK hack and why

142
00:08:29,520 --> 00:08:39,640
Speaker 2: other companies should be on high alert. So here's where

143
00:08:39,640 --> 00:08:43,679
Speaker 2: things stand. For nearly two weeks, thousands of car dealerships

144
00:08:43,679 --> 00:08:47,160
Speaker 2: across the country have been unable to access CDK software,

145
00:08:47,559 --> 00:08:51,440
Speaker 2: which is crucial for everything from assessing credit worthiness to

146
00:08:51,520 --> 00:08:54,960
Speaker 2: figuring out what cars are available to be sold. That's

147
00:08:55,000 --> 00:08:58,720
Speaker 2: resulted in millions of dollars in lost sales, and Bloomberg

148
00:08:58,800 --> 00:09:02,480
Speaker 2: Senior Technology editor Dana Walman says figuring out who was

149
00:09:02,559 --> 00:09:07,440
Speaker 2: behind the attack wasn't easy. Who is the hacking group

150
00:09:07,520 --> 00:09:08,320
Speaker 2: behind the attack?

151
00:09:09,120 --> 00:09:10,800
Speaker 1: So today at least they're called black Suit, and I

152
00:09:10,880 --> 00:09:14,880
Speaker 1: say today at least because these groups do intentionally change

153
00:09:14,920 --> 00:09:18,719
Speaker 1: their names, often to make themselves harder to track and

154
00:09:19,040 --> 00:09:19,760
Speaker 1: keep tabs on.

155
00:09:20,160 --> 00:09:24,480
Speaker 2: According to security experts, before Blacksuit was black Suit, they

156
00:09:24,520 --> 00:09:28,760
Speaker 2: were also known as Royal. That group was responsible for

157
00:09:28,800 --> 00:09:31,440
Speaker 2: a cyber attack about a year ago that forced the

158
00:09:31,480 --> 00:09:35,200
Speaker 2: city of Dallas to shut down its computer systems, including

159
00:09:35,240 --> 00:09:38,760
Speaker 2: one that the local fire department relies on to track emergencies,

160
00:09:39,520 --> 00:09:43,280
Speaker 2: for four days. Firefighters in Dallas resorted to moving magnets

161
00:09:43,280 --> 00:09:45,840
Speaker 2: around on a map to keep tabs on incidents and

162
00:09:45,880 --> 00:09:49,800
Speaker 2: manage their crews. Some of Royal's members came from one

163
00:09:49,840 --> 00:09:54,400
Speaker 2: of the most notorious hacking groups ever, Kanti, meaning Black Suit,

164
00:09:54,559 --> 00:09:57,880
Speaker 2: has a pretty distinguished pedigree.

165
00:09:58,240 --> 00:10:03,760
Speaker 1: They are really experienced group of hackers and extortionists. We

166
00:10:03,840 --> 00:10:06,040
Speaker 1: describe them as sort of low key and business like,

167
00:10:06,440 --> 00:10:09,000
Speaker 1: as if to say they're not trying to disrupt anyone.

168
00:10:09,040 --> 00:10:10,280
Speaker 1: They're just trying to run a business.

169
00:10:12,559 --> 00:10:16,840
Speaker 2: To run that business, Blacksuit uses a two pronged approach.

170
00:10:17,280 --> 00:10:19,240
Speaker 1: First of all, they engage in what we've called in

171
00:10:19,280 --> 00:10:21,920
Speaker 1: our reporting double extortion, that is the shutting down of

172
00:10:21,960 --> 00:10:26,679
Speaker 1: services and also the threat to publish user data online.

173
00:10:27,360 --> 00:10:31,920
Speaker 1: And we've also described them in a reporting as offering what's

174
00:10:31,920 --> 00:10:33,520
Speaker 1: called ransomware as a service.

175
00:10:34,440 --> 00:10:38,719
Speaker 2: Ransomware as a service, Dana says that means that Blacksuit

176
00:10:38,840 --> 00:10:42,760
Speaker 2: essentially offers up its skill set hacking vulnerable companies or

177
00:10:42,800 --> 00:10:46,640
Speaker 2: school districts or libraries to whoever wants to pay for it.

178
00:10:47,160 --> 00:10:50,120
Speaker 1: In discussing this with my colleagues, I had first likened

179
00:10:50,120 --> 00:10:53,360
Speaker 1: it to mercenaries, and one of my colleagues said, no, actually,

180
00:10:53,360 --> 00:10:55,959
Speaker 1: they're more like arms dealers. Even if they're not committing

181
00:10:55,960 --> 00:10:58,679
Speaker 1: the attack themselves, they are providing the cyber weapon and

182
00:10:58,720 --> 00:11:01,760
Speaker 1: someone else is using them to commit the attack, and

183
00:11:01,800 --> 00:11:04,760
Speaker 1: then everyone behind the scenes is profiting off of it.

184
00:11:05,160 --> 00:11:08,719
Speaker 2: Sources have told Bloomberg that in general, Blacksuit demands a

185
00:11:08,800 --> 00:11:12,120
Speaker 2: ransom of anywhere between three hundred thousand dollars and five

186
00:11:12,200 --> 00:11:16,400
Speaker 2: million dollars, and Blacksuit demanded tens of millions of dollars

187
00:11:16,480 --> 00:11:19,480
Speaker 2: from CDK, which planned to pay the ransom. According to

188
00:11:19,520 --> 00:11:22,640
Speaker 2: a source who spoke to Bloomberg, they themselves have not

189
00:11:23,480 --> 00:11:26,640
Speaker 2: listed CDK as a victim on their website, which we've

190
00:11:26,679 --> 00:11:30,520
Speaker 2: reported is typical practice for them. Actually, they have on

191
00:11:30,559 --> 00:11:34,480
Speaker 2: their website about close to one hundred victims listed, and

192
00:11:34,520 --> 00:11:37,360
Speaker 2: those are just the ones who are listed. If if

193
00:11:37,400 --> 00:11:40,400
Speaker 2: a victim did pay an extortion fee, their names don't

194
00:11:40,400 --> 00:11:44,080
Speaker 2: even appear. And CDK, we've reported, intended to pay the ransomware.

195
00:11:44,480 --> 00:11:47,080
Speaker 1: And also it's just in general, it is hard to

196
00:11:47,080 --> 00:11:50,040
Speaker 1: get hackers to comment for a story on Bloomberg.

197
00:11:50,800 --> 00:11:53,720
Speaker 2: So far, it's unclear if black Suit was acting on

198
00:11:53,760 --> 00:11:58,320
Speaker 2: its own behalf or on behalf of someone else. The

199
00:11:58,360 --> 00:12:00,920
Speaker 2: thing that I found so surprising was how black Suit

200
00:12:01,000 --> 00:12:04,760
Speaker 2: went about getting access to cdk's systems. Dana says they

201
00:12:04,760 --> 00:12:08,680
Speaker 2: did it through what's known as social engineering. In practice,

202
00:12:08,760 --> 00:12:14,120
Speaker 2: that meant posing as employees. That's right, hackers posed as

203
00:12:14,160 --> 00:12:18,480
Speaker 2: employees to trick customers into helping them access the company's systems.

204
00:12:18,760 --> 00:12:21,000
Speaker 1: And it is a reminder too that not all hacking

205
00:12:21,080 --> 00:12:24,160
Speaker 1: is what we imagine from seeing the movies, seeing hackers

206
00:12:24,160 --> 00:12:28,599
Speaker 1: depicted in the movies. It isn't necessarily an exploitation of

207
00:12:28,600 --> 00:12:32,080
Speaker 1: a vulnerability and code. There is sometimes this element of

208
00:12:32,840 --> 00:12:34,960
Speaker 1: really convincing persuasion.

209
00:12:35,240 --> 00:12:37,520
Speaker 2: Right. They didn't have to pack into the mainframe as

210
00:12:37,520 --> 00:12:39,480
Speaker 2: we think of it. They literally had to just pretend

211
00:12:39,520 --> 00:12:42,960
Speaker 2: they were employee and get access that way. In part, yeah,

212
00:12:43,520 --> 00:12:47,600
Speaker 2: security analysts say CDK isn't the first organization to fall

213
00:12:47,640 --> 00:12:52,080
Speaker 2: prey to Blacksuit's tactics. Recent victims also include the Kansas

214
00:12:52,120 --> 00:12:55,760
Speaker 2: City Police Department and a school district in Georgia. But

215
00:12:55,880 --> 00:12:59,000
Speaker 2: Dana says there's one sector in particular that she's most

216
00:12:59,040 --> 00:13:00,000
Speaker 2: worried about.

217
00:13:00,160 --> 00:13:03,000
Speaker 1: The world of healthcare, electronic healthcare providers. It is a

218
00:13:03,080 --> 00:13:05,400
Speaker 1: huge industry, but I wouldn't say there's a ton of

219
00:13:06,080 --> 00:13:09,560
Speaker 1: variety in that industry. I don't think it's that uncommon

220
00:13:09,559 --> 00:13:14,320
Speaker 1: to see a quasi monopoly like the kind that CDK has,

221
00:13:14,880 --> 00:13:18,000
Speaker 1: and I think a similar dynamic where once these companies

222
00:13:18,040 --> 00:13:21,480
Speaker 1: are onboarded onto this software, it is difficult for them

223
00:13:21,840 --> 00:13:25,880
Speaker 1: to get out and transfer to another piece of software,

224
00:13:25,920 --> 00:13:28,359
Speaker 1: whether it's because they're locked into a five year contract,

225
00:13:28,640 --> 00:13:31,439
Speaker 1: or it's difficult to migrate their data to something else,

226
00:13:32,200 --> 00:13:33,920
Speaker 1: or because you've got all these employees who you have

227
00:13:33,920 --> 00:13:35,839
Speaker 1: to train on new software when they could otherwise be

228
00:13:35,920 --> 00:13:37,400
Speaker 1: getting work done.

229
00:13:37,720 --> 00:13:41,800
Speaker 2: Recently, Britain's National Health Service said it was investigating claims

230
00:13:41,920 --> 00:13:46,800
Speaker 2: that hackers had published confidential data stolen from several London hospitals.

231
00:13:47,120 --> 00:13:51,000
Speaker 1: The hackers got access to this really sensitive patient data

232
00:13:51,000 --> 00:13:53,760
Speaker 1: involving people's blood work and pregnant women.

233
00:13:54,160 --> 00:13:57,760
Speaker 2: With the stakes around data vulnerability getting higher, I asked

234
00:13:57,800 --> 00:14:01,280
Speaker 2: data if cdk's decision to pay the ransom could set

235
00:14:01,280 --> 00:14:04,280
Speaker 2: a bad precedent. There's a school of thought that paying

236
00:14:04,360 --> 00:14:06,920
Speaker 2: ransom will only encourage future hackers.

237
00:14:07,360 --> 00:14:11,160
Speaker 1: Is that a worry here? I mean, without me editorializing myself,

238
00:14:11,559 --> 00:14:15,680
Speaker 1: it is an active debate in the cybersecurity community, and

239
00:14:15,720 --> 00:14:19,680
Speaker 1: I think there are people who do subscribe to the

240
00:14:19,720 --> 00:14:23,360
Speaker 1: school of thought that as hard as it is to

241
00:14:23,400 --> 00:14:26,760
Speaker 1: be named publicly and shamed and to accept the impacts

242
00:14:27,480 --> 00:14:30,960
Speaker 1: that more broadly speaking, pulling the lens back, it is

243
00:14:31,000 --> 00:14:34,360
Speaker 1: destructive in a longer term way to keep paying these ransoms.

244
00:14:34,360 --> 00:14:36,800
Speaker 1: I would not say there's a consensus on that necessarily,

245
00:14:36,880 --> 00:14:39,720
Speaker 1: but it does seem to be an active source of

246
00:14:39,760 --> 00:14:42,480
Speaker 1: debate in the cyber threat community.

247
00:14:43,000 --> 00:14:46,880
Speaker 2: Either way, Dana says that the CDK situation isn't likely

248
00:14:46,920 --> 00:14:49,240
Speaker 2: to be the last one, and that the trend is

249
00:14:49,280 --> 00:14:53,560
Speaker 2: towards more potentially devastating consequences than not being able to

250
00:14:53,600 --> 00:14:54,280
Speaker 2: buy a car.

251
00:14:55,000 --> 00:14:59,960
Speaker 1: These attacks seem relentless, and they have felt especially vicious.

252
00:15:00,480 --> 00:15:03,600
Speaker 2: The CDK hack serves as a warning for any industries

253
00:15:03,640 --> 00:15:06,840
Speaker 2: that are overly reliant on one piece of software, Dana says.

254
00:15:07,560 --> 00:15:10,560
Speaker 2: But for now, Deborah Griffith is still just trying to

255
00:15:10,560 --> 00:15:12,960
Speaker 2: deal with the mess this hack has created for her.

256
00:15:14,880 --> 00:15:19,120
Speaker 3: So, I mean, it's yeah, chaos. That word you use

257
00:15:19,280 --> 00:15:20,160
Speaker 3: is a very good word.

258
00:15:21,200 --> 00:15:25,120
Speaker 2: You know what might happen if CDK doesn't get everything

259
00:15:25,200 --> 00:15:28,400
Speaker 2: back online by July fourth? How might that affect the industry?

260
00:15:28,680 --> 00:15:31,280
Speaker 3: I mean, if you're in a dealership, especially the service department,

261
00:15:31,320 --> 00:15:34,600
Speaker 3: you know, every time something breaks that you don't want

262
00:15:34,600 --> 00:15:36,360
Speaker 3: to break, you know, you can't just sit back and

263
00:15:36,360 --> 00:15:38,560
Speaker 3: wine about it. You know, you just have to roll

264
00:15:38,600 --> 00:15:41,000
Speaker 3: with it, and you have to, you know, come up

265
00:15:41,000 --> 00:15:43,720
Speaker 3: with a solution. Don't cry about the reason why. You know.

266
00:15:50,040 --> 00:15:53,040
Speaker 2: This is the big take from Bloomberg News. I'm Sarah Holder.

267
00:15:53,520 --> 00:15:56,760
Speaker 2: This episode was produced by Alex Sugiura. It was edited

268
00:15:56,760 --> 00:16:00,840
Speaker 2: by Aaron Edwards. It was mixed by Rishi Bajakol. It

269
00:16:00,920 --> 00:16:04,000
Speaker 2: was fact checked by Thomas lu Our senior producers are

270
00:16:04,080 --> 00:16:08,000
Speaker 2: Naomi Shaven and Kim Gettleson. Our senior editor is Elizabeth Ponso,

271
00:16:08,600 --> 00:16:12,800
Speaker 2: Nicole bimsterbor is our executive producer. Sage Bauman is Bloomberg's

272
00:16:12,840 --> 00:16:15,960
Speaker 2: head of podcasts. If you liked this episode, make sure

273
00:16:16,000 --> 00:16:18,600
Speaker 2: to subscribe and review The Big Take wherever you listen

274
00:16:18,640 --> 00:16:23,280
Speaker 2: to podcasts. It helps people find the show. Thanks so

275
00:16:23,360 --> 00:16:25,760
Speaker 2: much for listening. We'll be off tomorrow for the fourth

276
00:16:25,800 --> 00:16:31,720
Speaker 2: of July, but we'll be back on Friday.