In the summer of 2024, a large-scale cyberattack crippled thousands of car dealerships, preventing them from carrying out basic business operations. Since then, cyberattacks targeting the industry have never returned to pre-crisis levels, according to the 2025 Cybersecurity Report published by Proton Dealership IT and Cybersecurity.

A Persistent and Growing Threat

The triggering event in June 2024 exposed major vulnerabilities in the sector’s IT systems. While there was a brief lull immediately following the incident, the months that followed saw a surge in cyber activity, with significant spikes during the holiday season. In December, attacks increased by nearly 110% year-over-year, as cybercriminals took advantage of holidays and off-peak hours to maximize their impact.

New Intrusion Techniques

In March 2025, a supply chain attack targeted dealership website providers. Hackers injected malicious code into vehicle images and videos, allowing unsuspecting visitors to download malware when browsing online inventory. Once activated, the malware stole passwords, browser history, and granted remote access to attackers, potentially compromising payroll, banking, and OEM systems. Proton reports it was the first to detect this threat and alert providers, helping to contain the damage.

Vigilance Remains Critical

The report shows that malicious activity remains between 150% and 250% above pre-incident levels. Experts stress that preparation can make the difference between a short disruption lasting minutes and a full-scale ransomware shutdown lasting days or even weeks.

Proton highlights five essential safeguards:

• Train all employees to recognize phishing and social engineering attempts,

• Implement multi-factor authentication across all systems,

• Use high-quality Managed Detection and Response (MDR) tools,

• Rely on 24/7 professional monitoring,

• Maintain an incident response and recovery plan.

A Vital Challenge for the Industry

“Dealerships are being targeted every single day. The real question isn’t whether an attack will happen, but how well the business is prepared,” Proton warns.

As automotive services continue their rapid digital transformation, the report concludes that cybersecurity must now be seen as a critical investment rather than an optional expense.