We want to share an alert with you that was received by our CTO, who is a member of the FBI Infragard network, a public/private partnership focused on maintaining the physical and cyber security of our nations critical infrastructure and industry in general. The FBI released a PIN, or Private Industry Notification, to alert the automotive industry to an increase in cyber-attacks.
The FBI has evidence of hackers compromising IT networks across the automotive sector using brute force attacks and phishing emails resulting in ransomware infections and data breaches of personally identifiable information. It is the FBI’s assessment that these attacks are likely to increase.
The notification specifically highlights the following risks:
- Attacks on company’s web-facing employee logins.
- Attacks that exploit unpatched operating systems.
- Phishing email messages with infected attachments.
- Access to employee email communication due to poorly configured email systems.
- Ransomware due to infected email attachments that were opened or malicious links that were
clicked.
What you should do:
- Ensure your backups are running regularly.
- Test a backup to ensure you can restore from it.
- Enable strong password policies requiring complex passwords that expire at least every 90 days.
- Ensure operating systems are patched and currently supported. If you have Windows 7 or Windows Server 2008 operating systems in use, be sure they are replaced no later than January 14, 2020.
- Educate employees to never open attachments or click links unless they have personally verified their authenticity by voice.
- Implement multi-factor authentication for access to any corporate systems.
- Be sure your anti-virus is installed, running and up to date.
- Monitor for unusual activity on your network from unknown IP addresses or foreign nations.
- Encrypt information wherever and whenever possible.
If you think you may be the victim of a cyber-attack, contact your local FBI field office, which may be
located at https://www.fbi.gov/contact-us/field-offices. This is a legitimate link, but feel free to type the
URL into your browser to be absolutely certain.
Recent Posts
The U.S. Department of Labor Announces Proposed Rule To Protect Indoor, Outdoor Workers From Extreme Heat
The U.S. Department of Labor has proposed a new rule aimed at protecting workers from extreme heat hazards. This initiative seeks to safeguard approximately 36 [...]
Supreme Court Overturns Chevron Deference: What It Means for Workplace Safety and Regulation
The landscape of federal regulation is set for a seismic shift following a recent Supreme Court decision. On June 28, in Loper Bright Enterprises, et [...]
Navigating the Compliance Maze: How NARFA Simplifies Employee Benefits for Automotive and Trade Industries
In today's complex regulatory environment, businesses in the automotive, roads, fuel, and related industries face unprecedented challenges in managing employee benefits. Recent studies show that [...]