Guide helps organizations understand what malicious actors are doing so defenders can adopt appropriate mitigations to phishing. The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI) and Multi-State Information Sharing and Analysis Center (MS-ISAC) published “Phishing Guidance, Stopping the Attack Cycle at Phase One” to help organizations reduce […]
Ford Offers Guidance on Cyber Security Vulnerability on Vehicle Wi-Fi Software
Ford Motor Company (NYSE: F) announced it learned from a supplier that a security researcher discovered a vulnerability in the Wi-Fi software driver supplied for use in the SYNC 3 infotainment system available on some Ford and Lincoln vehicles. Immediately, and in collaboration with them, Ford began developing and validating measures to address the vulnerability. […]
NHTSA Addresses Third-Party Access to Diagnostics and Serviceability Info in Cybersecurity Best Practices for New Vehicles
The U.S. Department of Transportation’s National Highway Traffic Safety Administration released Cybersecurity Best Practices for the Safety of Modern Vehicles, an update to its 2016 edition. The document describes NHTSA’s guidance to the automotive industry for improving vehicle cybersecurity for safety. “As vehicle technology and connectivity develop, cybersecurity needs to be a top priority for […]
White House Highlights Resources for Businesses to Protect Against Potential Cyberattacks
The Biden Administration has warned repeatedly about the potential for Russia to engage in malicious cyber activity against the United States in response to the unprecedented economic sanctions we have imposed. According to a Fact Sheet posted by the Administration, there is now evolving intelligence that Russia may be exploring options for potential cyberattacks. According […]
U.S. Government Launches One-Stop Ransomware Resource
New website provides cybersecurity resources from across the Federal Government. The U.S. government announced new resources and initiatives to protect American businesses and communities from ransomware attacks. The U.S. Department of Justice (DOJ) and the U.S. Department of Homeland Security (DHS), together with federal partners, have launched a new website to combat the threat of […]
ASA Joins with American Alliance for Vehicle Owners Rights to Support Vehicle Data Access
In comments to NHTSA on cybersecurity best practices, Alliance says repair facilities need data to repair customer vehicles. The Automotive Service Association (ASA), in partnership with members of the American Alliance for Vehicle Owner’s Rights (AAVOR), submitted comments to the National Highway Traffic Safety Administration (NHTSA) in response to its “Cybersecurity Best Practices for the […]
University of the Aftermarket Foundation Expands Scholarship Fields to Include IT/Cybersecurity
The University of the Aftermarket Foundation (UAF) announced its newest field of study for scholarships, IT/Cybersecurity, available for applicants to specify this potential career interest on the newly redesigned Automotive Aftermarket Scholarships Central website. “Demand for IT and cybersecurity professionals is growing in the automotive aftermarket industry as companies large and small need to protect […]
Interview, Bob Redding, Automotive Service Association Washington Representative
Redding examines Federal legislation impacting the industry in the wake of the 2020 general election. Examines prospects for coronavirus relief and background of Right to Repair debate on vehicle data access. In the wake of the election day in early November, the automotive service and collision repair industries will see new legislative and regulatory changes […]
Cybersecurity Focus of CIECA October 26 Webinar
The Collision Industry Electronic Commerce Association (CIECA) announced its next CIECAST webinar, Cybersecurity for the Collision Repair Industry, is scheduled for Monday, October 26 at noon (EDT). Registration for the October 26 CIECA event is available online. Mike Anderson, owner of Collision Advice, and David Willett, underwriting (VCE) value creation executive at ProSight Specialty Insurance, […]
Nationwide Invests in Connected Vehicle Cybersecurity Firm
Nationwide’s venture capital team has invested in Upstream Security, a provider of cybersecurity for connected vehicles. The investment is designed to help the Israel-based company enable OEM car manufacturers and fleets to detect, monitor and respond to attacks, targeting any part of the connected vehicle framework – even for vehicles already on the road. As […]