Sometimes it’s not the Star Wars cybersecurity failure that plague dealerships. One of the most prevalent of this is the ubiquitous Wi-Fi network not being configured properly, setting up hackers to exploit.
If there is one cybersecurity measure that dealerships need to address urgently, it’s the dangerous Wi-Fi setups proliferating in car dealerships. Immediate action is crucial to prevent potential cyber threats.
Point One
Providing shared or publicly connected Wi-Fi for your store to serve your accounting team, sales, and service operations, and waiting for customers, your store and its networks are ripe for cyber infiltration. This sort of Wi-Fi scenario is too dangerous for you today. Here are a few:
- Infecting networks with viruses, malware and worms
- Capturing log-in credentials
- Accessing unencrypted Connections
- Accessing third-party systems connected to your network, and more
A recent Forbes Advisor survey found that 40 percent of respondents had their information compromised while using public Wi-Fi.
How do you keep this Wi-Fi device for internal systems use—for back office, sales, service, general management, outside vendors, and financing sources? Protect this Wi-Fi as would your shared network, secure for your customers, then? Insist on up-to-date virus, ransomware, and malware software on devices this shared Wi-Fi serves.
Additionally, install a Virtual Private Network (VPN) on this shared or public line. The VPN encrypts the data flow between users of this WI-FI and what users connect to “hide” the data flow. If your IT team hasn’t already installed a VPN, encourage them to do it now. The cost is minimal.
Point Two
Install a unique Wi-Fi device solely for back-office staff use. This will segregate crucial internal data sources from access by the shared network. You want to put the back office, sales and finance, services and sales, and parts on this Wi-Fi network.
Point Three
Sales and finance demand their own Wi-Fi for CRM, sales and lease finance applications for internal and approved vendor communications. Sales and finance move enormous amounts of personal (customer) and finance information among multiple parties – these transmissions must provide unquestionable integrity.
As this network passes critical and personal information that you must protect, you want a most robust network defense. Such protection should provide a non-latency platform to instantly implement permissions and security policies to proactively block any breach attempts, ensuring your dealership’s sensitive data, operations, and customer information are continuously protected. Additionally, the system helps meet CFPB regulatory requirements while safeguarding against external attacks and insider threats without adding complexity to your IT operations.
Protection from Hackers
Dealerships provide Wi-Fi situations that allow hackers to access their network from a parking lot or other public area. Once they’re into your network they’re free to roam where they wish to invade your business network and capture customer, vendor, and employee personal and financial data.
Another danger of a shareable single Wi-Fi is that presented by providing this service for waiting service customers. They likely use your service for online shopping—even accessing their personal financial information. A malicious character outside your store or walking around inside can capture all of their activities.
Too many dealerships continue to operate with a general Wi-Fi setup which has not been properly configured, allowing cross contamination of multiple networks within the dealerships. This is easily identified using proper IT surveillance software under “Real-Time” monitoring:
Rogue Networks: A rogue network or rogue access point is essentially a “back door” that has been installed on a network’s wired infrastructure without the administrator’s knowledge or consent. This type of security breach, which some refer to as a “man-in-the-middle attack,” disguises itself as a legitimate Wi-Fi connection to trick users into connecting to it.
Unencrypted Connections: An encryption-free connection allows hackers to monitor all file sharing and traffic that is sent between the user and server on a public Wi-Fi network. A well-positioned attacker can easily track the network users connected to the router of an unsecured network and inject malicious JavaScript into their devices.
Network Snooping: Another common method of attack is network snooping, which happens when a hacker uses malicious software on a public Wi-Fi network to remotely monitor the activity on a third-party’s laptop. This is an avenue for hackers to surveil any information exchange—whether it’s credit card information, passwords, or any number of other sensitive details.
Log-in Credential Vulnerability: Log-in credential vulnerability is caused by weak and predictable passwords. This type of security vulnerability can be prevented by making sure all your passwords for websites, apps, and Wi-Fi networks are strong and unique.
System Update Alerts: Hackers are constantly innovating ways to hijack smartphone devices. One sneaky way to steal information, which targets Android devices, is through fake system update alerts with data-exfiltration capabilities.
Session Hijacking: An attempt by hackers to gain control of a computer, often through the businesses’ website.