Stellantis is a big car company that makes many different brands of cars, like Jeep and Ram. It was created when two large car groups joined together.
LIVE
With nearly 5,000 specialists dedicated to supporting dealer financial services, Ally has the expertise to help you with your retail finance, F&I, and remarketing needs. We're all better off with an Ally. Contact your local Ally Account Executive to get started today. Ally do it right.
Ally demand craters. There's some risk involved in Stellantis' hiring spree, and Jaguar, Land Rover fires the design boss behind its polarizing rebrand. Plus, Helion Technologies' president, Eric Knockbar, explains why the cybersecurity tools dealerships relied on five years ago are becoming obsolete.
Let's run through all the news you need to know to keep up in the auto industry. Toyota Ford, Honda, Hyundai, and Kia posted Mixed November US sales with strong hybrid volume offset by an EV slump.
Sales rose almost 3% at Toyota last month, with the namesake brands light truck sales rising more than 6.5%. Ford sales dipped less than 1%, EV sales dropped 61%, while hybrid rose 14%.
Honda sales fell 15%, which it blamed on the next-period chip shortage, the company's two EVs, the prologue, and Acura ZDX, plunged 87% and 98% respectively.
Hyundai sales fell more than 2%, while Kia rose nearly 3%, both remain on pace for annual records. Hyundai's core crossover has posted double digit gains, but its Ionic 5 and 6 EVs slumped more than 56%.
GM, Subaru, and Volvo have not reported November results as of recording time. Check out on news.com for the latest results.
When it comes to the bigger picture November outlook, US light vehicle sales are expected to fall a second straight month on weaker EV demand following the end of federal tax credits.
The seasonally adjusted annual rate is forecast at 15.4 million to 15.7 million, far below last November's 16.6 million pace.
Cox Automotive says headwinds from higher prices and fewer government subsidies are finally slowing the market after a surprisingly strong first half of the year, analysts expect the full year to finish up just 1-2%.
And JLR has reportedly fired chief creative officer Jerry McGovern. The design boss behind the controversial Jaguar rebrand. According to AutoCarIndia, McGovern was escorted out of the office earlier this week.
The move comes less than a week after former JLR CEO Adrian Mardel's retirement as new CEO PBBology appears to be shaking things up following negative feedback on the rebrand.
Just weeks ago at the Miami launch of the Type 00 concept, McGovern defended his bold vision.
McGovern spent 21 years at JLR and was responsible for modern designs, including the Land Rover Defender and Range Rover lineup.
He won't be at the company to see the launch of his most controversial project, repositioning Jaguar as a luxury electric rival to Bentley.
And those are today's headlines. You can find more details on all those stories at autonews.com. Yesterday, we talked about Stellantis' hiring spree at its North American headquarters in Auburn Hills, Michigan.
Joining me today to talk more about it is Kurt Nagel of our sibling publication, Crane's Detroit Business. Kurt, welcome back to Daily Drive.
Thanks for having me. So, Kurt, what does this hiring in Auburn Hills signal for the automaker about its ambitions for North America?
Well, I think first and foremost, it signals that there is life yet in North America and at its headquarters. And that wasn't so certain just a year ago.
If you'll recall, there were cuts that seemed to be coming at every turn under previous leadership. There was weightless emphasis on North America.
The nerve center was very much shifting to Europe. And there were worries that the carmaker was set to abandon the market altogether.
These white collar jobs, this influx of hiring at the headquarters signals that that's no longer the case.
Well, you brought up the cuts, Kurt, and Stellantis has cut positions in the past to save on costs. Now, is there some risk involved with this hiring spree?
Yeah, absolutely. I think there's always risk involved, especially with industry like automotive. There's ups and there's downs.
And I think that the sentiment for Stellantis right now is that they cut to the bone in previous years.
And now, this is sort of a course correction and where they are rebuilding in the ranks that they mistakenly thinned out.
So, there's always a risk, but I think for right now, it's positive news. And the leadership is very much suggested and emphasized that North America is a priority.
All right, Kurt, thank you so much for joining me.
All right, thanks again.
Coming up, Helion Technology's president, Eric Knockbar, joins the show to talk about how retailers put themselves at risk with outdated cyber security tools and practices.
That's next on Daily Drive.
For over 100 years, Ally has helped dealers like you serve your customers by providing the best in class products and services you need.
And by remaining true to the automotive passion, we share. Your dedicated Ally Account Executive will work hand in hand with you to help you gain efficiencies, increase your product offerings, and work to improve per vehicle revenue.
Because we care about your business as much as you do. We're all better off with an ally. Contact your local Ally Account Executive to get started today. Ally do it right.
Welcome back to Daily Drive. I'm Kellan Walker, cyber security protections that worked five years ago are now obsolete.
That's according to Eric Knockbar, president of Helion Technologies. He tells automotive news retail tech reporter Mark Homer that dealerships are behind on major changes in how cyber attacks work.
What I want to try to give readers and viewers is a sense of cyber security practices and how they're evolving or have evolved.
So is there something that worked five years ago that doesn't work as well now that's been that is now being replaced by something else?
Yes. So an example of that would be the technologies that are used to I to protect against attack, namely how security monitoring works and intervention and now how that's leveraging AI.
So historically what you would do is you would put any buyers in place which we're all familiar with that right and that's still technology that needs to exist but is really kind of a subset of larger security protection strategies.
So the technology that is obsolete that we still see a lot of dealers rely on is having some sort of software in place that is supposed to defend you against cyber attackers.
And these days, right, so they bought off the shelf products or they subscribe to products where they subscribe to something like, you know, Norton, for example, or and there are more kind of corporate versions of that that dealers have bought over the years and put in place where now what you need to have in place is very, very robust technologies that look for the behaviors of actual attackers.
So where before software was looking for other software basically, hey, you ran a program and I'm going to block that program because I know it's malicious.
Now we're looking for behaviors like impossible logins. So we're hooking an impossible login is you log into Microsoft 365 in New York and in Beijing.
And that's impossible, right? Well, how'd that happen? Well, you were probably lured into giving up your credentials and multifactor by email that was received by attacker, you know, from a cyber criminal that then got you to input your credentials and they were able to log on and establish a second session, a second connection into Microsoft 365 with your credentials from somewhere else.
And then they can do all kinds of nefarious things, right, like track your, you know, look for personal data and everything else.
So the old way of kind of blocking software doesn't work anymore. So you have to have technologies that are much more sophisticated.
And so looking for impossible logins involves combing through vast amounts of login information, right?
Because I mean, that's constantly happening. And that's typically done with AI driven technologies that can consume and, you know, look for that type of behavior.
I understand. But with that in mind, then our dealerships and others in the auto industry are aware of the change to, I mean, are there a lot of businesses in the space that are still adjusting to that?
I think dealers are still, I mean, that change is kind of happening throughout every, you know, everywhere.
And I think everyone is still catching up to that change. But I think in particular in the auto space, auto dealers are, you know, still catching up are way behind.
I mean, we're still seeing today dealers going live on technologies on DMS's CRMs that are web-based exposed to the internet without multi-factor authentication, right?
They're still relying on usernames and passwords without multi-factor. And the technology is exists in the system and they're opting to not turn it on.
So, yeah, I mean, today, like literally Mark, I had a conversation with somebody in our organization. It was like, yeah, we just performed an assessment and they don't have MFA turned on on their DMS.
What is new in cyber security that they should be aware of? What's coming next? And maybe if you have one or two things that you're aware of that you'd like to talk about.
This is an important one. So, and you hear different metrics, right? But the general metric is 97 or so percent of cyber attacks originate via email, right?
They're getting people to click on things or do things. We all see that, right? We get those attacks all the time.
And what's new in cyber crime is that cyber attackers are using AI to generate extremely targeted fishing campaigns.
It's kind of this next generation of fishing where I can like target you specifically, right? And I can target a dealer executive or different roles in the dealerships specifically based on who they are, what their roles are, what the dealerships are.
So, right? Because you might have seen, I don't know if you've ever received any of these AI, I get them like marketing campaigns that are like, hey, Eric, and like the dumbest version would be like somebody just sent me one and said, by the way, I heard that, you know, such and such a restaurant, you know, some restaurant that's local to my business is really good. What are your thoughts on it?
And that's like a real hokey version of they just used AI to look at what the restaurants are local, you know, highly rated local to me.
Well, the cyber attackers are using those for incredibly effective campaigns. If you, so if that's what's new, newer in, and we're going to see lots of novel ways that they use AI for these attacks.
So what's the technology that we've historically relied on to protect us against fishing attacks? Well, it's this notion of email filtering gateways and we use them and we've used them for years.
What is an email filtering gateway? So an email filtering gateway and there's and there's various ways this is done. It's a technology that sits between the internet and you right between the email system and you and an example of that would be barracuda is a technology that does email filtering Microsoft has it built in Google has it built in where it looks at emails that are incoming to the system and says, okay, where did this email come from?
Does it have certain keywords? You know, what IP address did it come from? What country did it originate from? So it's trying to discern, is this email a spam email, right? So this notion of spam and blocking it at that point and maybe quarantining it, right, putting it in different categories.
You've seen that if you use Gmail, it'll say these are social emails, these are promotional emails, right, we have a system that we've used for years that it'll quarantine certain things based on scores, but it's very much trying to look at more geography and keywords.
These new AI based, really targeted emails are also because they're so targeted, they can do them in very small batches, they don't have to kind of blast an email to a million things.
Look, would you rather send a million of these emails and get blocked right if you're an attacker or send a thousand of them that are hyper targeted that can really worm their way through these systems without getting noticed.
And these traditional spam gateways, email gateways are not good at picking up on those AI generated messages.
When did people like you become aware that this was a problem?
It's really been in the last year, I would say. I mean, it's, you know, it's been up and coming, but you're seeing it much more now.
It's kind of in the same time frame, if you think back, when did you start getting these much more targeted emails?
It's really over the last year that they've gotten really hyper targeted and they're not even like amazing.
I mean, they're going to get better and better and better and better, right?
I mean, AI is at the point where, I mean, I was in a hotel and AI answered the phone when I called for root service.
Wow.
Yeah, they just, think about that, right?
Actually, I needed a toothbrush. This was last week in Indianapolis and I called and an AI answered the phone and said,
what do you need? And I said, I need a toothbrush and then a person showed up 10 minutes later.
I mean, a computer dispatched a person.
So it's kind of a freaky thing. So we're there.
I'm seeing a trend because you're the second cyber security expert I've spoken to today that said that AI is now being used as a cyber weapon.
Yep.
Did you maybe elaborate on that a little bit from your perspective?
You know, AI is, and it's also incidentally being used not only as a cyber weapon, but then also by the good guys in a lot of ways.
So, I mean, email is a really good example of leveraging AI to generate these hyper, you know, specific directed campaigns.
And we're seeing them against auto dealers.
So where you can, you know, pick exact people that you want to target roles and target the messaging around that.
You know, because we're using CRM tools that do the same thing.
So the defenses are also leveraging AI against it.
So when you talk about what's the technology that it's not completely obsolesced right those email gateways.
But the way that they're getting defended against now is rather than having a gateway that kind of sits there and blocks everything or tries to and then these guys are getting past it.
You've got technologies that actually reach into the email systems.
And that's technology we're using now.
We're using a product called Fish Titan that it reaches into Microsoft 365 and looks into mailboxes.
AI is reading the emails and reading what the content is and looking at headers and things that the gateways used to do.
But it actually is using more information to try to determine, hey, this was sent from outside the organization.
You have that on your emails, right? Like you put footers and headers and things like that.
This is actually reading the emails and saying, hey, where did this come from, right?
If I forward an email to you or it looks forwarded, it might get past the gateway.
But these technologies are able to look and see, oh no, this wasn't actually sent internally.
Right? This is an external email. This might contain phishing links, these links are dangerous links.
So it's a whole nother level of sophistication that's evaluating.
That's daily drive for today. I'm Kellan Walker.
Thanks to automotive news executive producer Jake Near as well as around David Phillips for his reporting for today's podcast.
We also had reporting from Kurt Nagel about sibling publication, Crane's Detroit Business.
You can get the latest news on retail tech, November US sales results and everything happening in the auto industry at autonews.com.
Come back tomorrow for a conversation with Jessica Codwell of Edmunds about uncertainty heading into 2026.
The thing I'm probably most worried about is the thing I do not know because that has been the pattern for the past five years.
We'd love to hear from you. Let us know what you think of the show when the topics we covered today.
Send us an email at dailyDrive at autonews.com or leave us a voicemail at 313-444-2774.
And if you enjoy the podcast remember to like, leave a review and subscribe so you never miss an episode.
About this episode
November saw a surge in hybrid vehicle sales, contrasting with a slump in EVs, as major automakers like Toyota and Ford reported mixed results. Helion Technologies' president, Erik Knockbar, discussed the evolving landscape of cybersecurity in dealerships, highlighting the obsolescence of outdated protection methods and the rise of AI-driven threats. He emphasized the need for dealerships to adopt advanced security measures to combat increasingly sophisticated cyber attacks. The episode also touched on Stellantis' hiring spree, signaling renewed focus on North America amidst previous cutbacks.
Toyota, Ford, Honda, Hyundai and Kia posted mixed November U.S. sales, with strong hybrid volume offset by an EV slump. JLR fires the design boss behind Jaguar’s polarizing rebrand. Plus, Helion Technologies President Erik Nachbahr explains why the cybersecurity tools dealerships relied on five years ago are becoming obsolete.
