Those who know me hear me talk about baseline all the time

I found a great article on Security Baselines for Windows

Every organization faces security threats. However, the types of security threats that are of most concern to one organization can be completely different from another organization. For example, an e-commerce company may focus on protecting their Internet-facing web apps, while a hospital may focus on protecting confidential patient information. The one thing that all organizations have in common is a need to keep their apps and devices secure. These devices must be compliant with the security standards (or security baselines) defined by the organization.

Security Baselines

A security baseline is a collection of settings that have a security impact and include Microsoft’s recommended value for configuring those settings along with guidance on the security impact of those settings. These settings are based on feedback from Microsoft security engineering teams, product groups, partners, and customers.

Where can I get the security baselines?

Here’s a list of security baselines that are currently available.

Note: If you want to know what has changed with each security baseline, or if you want to stay up-to-date on what’s happening with them, check out the Microsoft Security Guidance blog.

Windows 10 security baselines

Windows Server security baselines

To read the full article please go Here

Another MVA free course this time about PowerShell Version 5

Would you like to learn about the latest and greatest features that Microsoft has built into PowerShell Version 5? Be sure to check out this course, and get the details that can enable you to begin using these features immediately.

Explore the new features in PowerShell, including changes in security, scripting, debugging, and administration role management, along with the PowerShell Gallery, ScriptAnalyzer, and DSC. Plus, learn to install modules, implement the Wait Debugger, look at Just Enough Administration, and much more.                                    

1 | Introduction to PowerShell v5

Get an overview of the new features in PowerShell v5.
 
2 | Package Management

Learn what’s new with package management in PowerShell v5

3 | PowerShell v5 Security

Get the details on what’s new with security in PowerShell v5.

4 | PowerShell v5 Debugging

Take a look at what’s new with debugging in PowerShell v5.
 
5 | PowerShell Classes

Learn about classes in PowerShell v5.
 
6 | Just Enough Administration

Hear about the new Just Enough Administration feature in PowerShell v5.
 
7 | Desired State Configuration

Find out what’s new with DSC in PowerShell v5.
 

  Learn about features in PowerShell.

  • Explore DSC.
  • See new ISE improvements.
  • Explore the PowerShell Gallery.
  • See and use PowerShellGet.
  • Take a look at PowerShell ScriptAnalyzer.
  • Install modules.
  • Explore system-wide transcripts.
  • Explore script block logging.
  • Implement the Wait Debugger.
  • Find out about Just Enough Administration.
  • Explore DSC resources.
  • Review debugging and DSC.

To take this course Click HERE

Another Free MVA course this time on Windows 2016 Server

Corey Hynes and Ward Ralston teach this course about the features and functionality that have been added to this new version of Windows Server, along with those that were modified from previous versions.

See demonstrations and get high-level overviews, from a practical and a conceptual standpoint. Take a look at what’s new in Windows Server 2016 Hyper-V and software-defined networking, learn about the latest in software-defined storage, and hear about security features, including Credential Guard. Plus, explore containers and Nano Server, along with implementation and management.                                    

1 | Instructor Introductions and Prep

Meet your instructors, and learn what you should know as you come to this course.

2 | Introduction to Windows Server 2016

Get a high-level overview of what’s new in Windows Server 2016, from a conceptual standpoint.

3 | The Software-Defined Datacenter – Part 1

Take a look at what’s new in Windows Server 2016 Hyper-V and software-defined networking.

4 | The Software-Defined Datacenter – Part 2

Get a high-level overview of what’s new in Windows Server 2016 storage, including software-defined storage.
 
Go here to take the course

Free Class on Power Tools for Windows 10

Another MVA class  Dive into Windows 10 with award-winning journalist and Windows Expert Ed Bott, along with Microsoft Technical Evangelist Jennelle Crothers, in this course covering tips, shortcuts, and top utilities for Windows 10.
Every IT Pro knows from firsthand experience that the sheer volume of Windows programs and accessories says a lot about its power and complexity. In these seven modules, get advice and hands-on training on Windows 10 tools that can help you work faster and smarter, including File Explorer, Event Viewer, Task Manager, and more. Plus, review tools for all skill levels, from end users to experts and professionals.  

1 | Power Tools for Windows 10

Learn how to use the search box and the Quick Links menu to find what you’re looking for and access key utilities.

2 | File Explorer

Get the most of out the File Explorer, and learn the ins and outs of libraries and how to search for files like a pro.

3 | Registry Editor

Learn how the registry works and how to carefully make changes to get your system to work the way you want it to.

4 | Event Viewer and Task Manager

Learn how to get the most from the Event Viewer and the Task Manager so you can identify potential problems and wrangle misbehaving apps.

5 | Disk Management

Learn how to create and manage disk partitions, protect your files with BitLocker, and optimize your drives.

6 | Sysinternals Suite and DaRT

Use the Sysinternals Suite and the Diagnostic and Recovery Toolset (DaRT) to get even more detailed information on the tasks and processes running on your system.

7 | Hyper-V and Microsoft Azure

Learn how to create, use, and manage virtual machines both on your machine and in Microsoft Azure.


To view the course click Here

Free Ebook From Microsoft that you can download

Part of the “Microsoft Azure Essentials” series, this ebook helps SQL Server database users understand Microsoft’s offering for SQL Server in Azure. Learn how SQL Server in Azure is similar to SQL Server in an on-premises environment, and how they are different. The author, a content lead for Azure.com, walks you through the steps of getting started with SQL Server in an Azure virtual machine and with Azure SQL Database. Follow the numerous screenshots to create a trial subscription, create SQL Server in an Azure virtual machine, create an Azure SQL Database, migrate an on-premises database to each Azure environment, create users, back up and restore data, and archive data
 You can get the book Here

Extortion E-mail Schemes Tied to Recent High-Profile Data Breaches

The Internet Crime Complaint Center (IC3) continues to receive reports from individuals who have received extortion attempts via e-mail related to recent high-profile data thefts. The recipients are told that personal information, such as their name, phone number, address, credit card information, and other personal details, will be released to the recipient’s social media contacts, family, and friends if a ransom is not paid. The recipient is instructed to pay in Bitcoin, a virtual currency that provides a high degree of anonymity to the transactions. The recipients are typically given a short deadline. The ransom amount ranges from 2 to 5 bitcoins or approximately $250 to $1,200.
The following are some examples of the extortion e-mails:

“Unfortunately your data was leaked in a recent corporate hack and I now have your information. I have also used your user profile to find your social media accounts. Using this I can now message all of your friends and family members.”

“If you would like to prevent me from sharing this information with your friends and family members (and perhaps even your employers too) then you need to send the specified bitcoin payment to the following address.”

“If you think this amount is too high, consider how expensive a divorce lawyer is. If you are already divorced then I suggest you think about how this information may impact any ongoing court proceedings. If you are no longer in a committed relationship then think about how this information may affect your social standing amongst family and friends.”

“We have access to your Facebook page as well. If you would like to prevent me from sharing this dirt with all of your friends, family members, and spouse, then you need to send exactly 5 bitcoins to the following address.”

“We have some bad news and good news for you. First, the bad news, we have prepared a letter to be mailed to the following address that details all of your activities including your profile information, your login activity, and credit card transactions. Now for the good news, You can easily stop this letter from being mailed by sending 2 bitcoins to the following address.”

Fraudsters quickly use the news release of a high-profile data breach to initiate an extortion campaign. The FBI suspects multiple individuals are involved in these extortion campaigns based on variations in the extortion emails.

If you believe you have been a victim of this scam, you should reach out to your local FBI field office, and file a complaint with the IC3 at www.ic3.gov. Please include the keyword “Extortion E-mail Scheme” in your complaint, and provide any relevant information in your complaint, including the extortion e-mail with header information and Bitcoin address if available.

 
Tips to protect yourself:
  • Do not open e-mail or attachments from unknown individuals.
  • Monitor your bank account statements regularly, as well and as your credit report at least once a year for any fraudulent activity.
  • Do not communicate with the subject.
  • Do not store sensitive or embarrassing photos of yourself online or on your mobile devices.
  • Use strong passwords and do not use the same password for multiple websites.
  • Never provide personal information of any sort via e-mail. Be aware, many e-mails requesting your personal information appear to be legitimate.
  • Ensure security settings for social media accounts are turned on and set at the highest level of protection.
  • When providing personally identifiable information, credit card information, or other sensitive information to a website, ensure the transmission is secure by verifying the URL prefix includes https, or the status bar displays a “lock” icon.

The FBI does not condone the payment of extortion demands as the funds will facilitate continued criminal activity, including potential organized crime activity and associated violent crimes.

This is a repost of a FBI Public Service announcement

Call For Speakers – OPEN for the 3rd Annual Joint Cyber Security Conference on October 5th 2016.

Call For Speakers – OPEN

You are invited to the Capital of the World, New York City for
the 3rd Annual Joint Cyber Security Conference on October 5th 2016.
 The event will be feature internationally
recognized  presentations delivered by security researchers, industry
leaders and officials.

IMPORTANT DATES


2016 CALL FOR PAPERS
IS NOW OPEN 

Call for Papers opens: April 15th 2016
 | Call for Papers closes: June
15 , 2016 | Notification to Authors: by end of June, 2016
Terms are subject to
change. 

REVIEW BOARD + CONTENT SELECTION

The event review
board is comprised of 10 of the NYC Metro’s most credible and
distinguished security professionals and thought leaders throughout various
areas of the information security community. The Review Board advises the
conference on its strategic direction, reviewing, and programming
conference content and providing unparalleled insight into the research
community.

The talks will be reviewed
using a basic point system, each reviewer will be responsible for scoring the
talk submission and picking the best candidates for limited spots.

·       
1-10 Points – Creative Title

·       
1-10 Points – Clear and detailed
learning abstract/objectives/sources

·       
1-10 Points – NYMJCSC Association
Topic

·       
1-10 Points – NCSAM Topic

* Speakers will be picked on
these criteria regardless of sponsorship if applicable.

CLICK HERE 

TO SUBMIT YOUR TALK

SUBMISSION PROCESS
& REQUIREMENTS

1.     The original author(s) of a presentation must submit for the
Call for Presentation. Third parties such as PR firms or speaker
representatives may not submit materials on behalf of a potential speaker or
speaking team.

2.     New York Metro Joint Cyber Security Conference (NYMJCSC) does not accept product or vendor-related pitches. .

3.     Each submission must be completed in its entirety the first
time.

4.     New York Metro Joint Cyber Security Conference (NYMJCSC) selection process is very competitive. Members of the NYMJCSC Review
Board score each submission as a group.  Submissions should clearly detail
the concepts, ideas, findings, and solutions a researcher or speaking team
plans to present.

5.     Submissions that highlight new research, tools, vulnerabilities,
etc. are highly recommended and will be given priority.

6.     Submissions that include Handouts and Live Demos will also
be given priority.

7.     Speakers may submit more than one proposal but each proposal
must be submitted via a separate submission form.

8.     Each submission must include detailed bibliographies
acknowledging prior work in the space, distinguishing or highlighting how your
presentation is different.

9.     Individuals submitting a proposal will receive a “Your
submission for New
York Metro Joint Cyber Security Conference 2016 has
been received”. After selections have been completed, all submitters will
receive an email confirmation of acceptance or rejection.

10. Speakers will be contacted directly if Review Board members have
any questions about a submission.

 

Free Ebooks From Microsoft that you can download

Windows 10 IT Pro Essentials: Top 10 Tools

 
Dive in to Windows 10 with award-winning journalist and Windows Expert Ed Bott in this highly curated free eBook covering the top apps, accessories, and utilities included in the box with Windows 10.
The sheer volume of Windows programs and accessories says a lot about the power and complexity of Windows—a fact that every IT pro knows from firsthand experience. There’s a tool for nearly every task, and a large part of the process of becoming a Windows expert is knowing how to find the appropriate one when you need it.

This eBook contains descriptions and hands-on advice to help IT Pros work faster and smarter. Some of these tools are for everybody—end users and experts alike—whereas some are strictly for professionals. A few are so specialized that you’ll only need them once in a blue moon. Collectively, though, they make up a toolbox that can save you (and your company) time and money.|
You can get it Here
 

Deploying Windows 10: Automating deployment by using System Center Configuration Manager

 
Get a head start deploying Windows 10—with tips and best practices from experts in the field. This guide shows you how to deploy Windows 10 in an automated way without impacting end users by leveraging System Center Configuration Manager, which is the most used product to deploy Microsoft operating systems in the industry today.|

You can get it Here
 
 

Introducing Windows Server 2016 Technical Preview

 
Get a head start evaluating Windows Server 2016—guided by the experts. Based on Technical Preview 4, John McCabe and the Windows Server team introduce the new features and capabilities, with practical insights on how Windows Server 2016 can meet the needs of your business. Get the early, high-level overview you need to begin preparing your deployment now!

 

You can get it Here
 
 

Creating Mobile Apps with Xamarin.Forms

 
Written by legendary author Charles Petzold, this 1200-page ebook is a deep dive for C# programmers who want to write applications using a single code base that targets the three most popular mobile platforms: iOS, Android, and Windows, encompassing the Universal Windows Platform and Windows Phone. Produced by Xamarin and Microsoft Press.

 

You can get it Here
 
 

Planning and Preparing for Microsoft SharePoint Hybrid

 
This book is part of a series to provide readers from all over the world with a guide on how to connect SharePoint on-premises to Microsoft’s cloud services. You will gain insight into planning, architecture, configuration, and management of SharePoint hybrid. This book covers foundational topics with which you will learn more about Office 365 and Microsoft Azure, architecture planning, platform hygiene and preparation, directory synchronization, and how to configure a seamless single sign-on experience for users.

You can get it Here

 
 

 

Windows 10 for IT Professionals, Technical Overview

This guide, by award-winning journalist and Windows expert Ed Bott, introduces new Windows 10 features and capabilities, providing a practical, high-level overview for IT professionals ready to begin deployment planning now. This edition was written after the release of Windows 10 version 1511 in November 2015 and includes all of its enterprise-focused features. The goal of this book is to help you sort out what’s new in Windows 10, with a special emphasis on features that are different from the Windows versions you and your organization are using today, starting with an overview of the operating system, describing the many changes to the user experience, and diving deep into deployment and management tools where it’s necessary.
 
You can get it Here

 

 

 

 
 

 

 

FBI Warns of Dramatic Increase in Business E-Mail Scams

FBI officials are warning potential victims of a dramatic rise in the business e-mail compromise scam or “B.E.C.,” a scheme that targets businesses and has resulted in massive financial losses in Phoenix and other cities.
 
The schemers go to great lengths to spoof company e-mail or use social engineering to assume the identity of the CEO, a company attorney, or trusted vendor. They research employees who manage money and use language specific to the company they are targeting, then they request a wire fraud transfer using dollar amounts that lend legitimacy.
 
There are various versions of the scams. Victims range from large corporations to tech companies to small businesses to non-profit organizations. Many times, the fraud targets businesses that work with foreign suppliers or regularly perform wire transfer payments.
  • Law enforcement globally has received complaints from victims in every U.S. state and in at least 79 countries.
  • From October 2013 through February 2016, law enforcement received reports from 17,642 victims.
  • This amounted to more than $2.3 billion in losses.
  • Since January 2015, the FBI has seen a 270 percent increase in identified victims and exposed loss.
  • In Arizona the average loss per scam is between $25,000 and $75,000.
If your company has been victimized by a BEC scam:
  • Contact your financial institution immediately
  • Request that they contact the financial institution where the fraudulent transfer was sent
  • File a complaint—regardless of dollar loss—with the IC3.
Tips for Businesses:
  • Be wary of e-mail-only wire transfer requests and requests involving urgency
  • Pick up the phone and verify legitimate business partners.
  • Be cautious of mimicked e-mail addresses
  • Practice multi-level authentication.
Resources:

Motor Vehicles Increasingly Vulnerable to Remote Exploits repost from The FBI

As previously reported by the media in and after July 2015, security researchers evaluating automotive cybersecurity were able to demonstrate remote exploits of motor vehicles. The analysis demonstrated the researchers could gain significant control over vehicle functions remotely by exploiting wireless communications vulnerabilities. While the identified vulnerabilities have been addressed, it is important that consumers and manufacturers are aware of the possible threats and how an attacker may seek to remotely exploit vulnerabilities in the future. Third party aftermarket devices with Internet or cellular access plugged into diagnostics ports could also introduce wireless vulnerabilities.
 
Modern motor vehicles often include new connected vehicle technologies that aim to provide benefits such as added safety features, improved fuel economy, and greater overall convenience. Aftermarket devices are also providing consumers with new features to monitor the status of their vehicles. However, with this increased connectivity, it is important that consumers and manufacturers maintain awareness of potential cyber security threats.
 
Vehicle hacking occurs when someone with a computer seeks to gain unauthorized access to vehicle systems for the purposes of retrieving driver data or manipulating vehicle functionality. While not all hacking incidents may result in a risk to safety – such as an attacker taking control of a vehicle – it is important that consumers take appropriate steps to minimize risk. Therefore, the FBI and NHTSA are warning the general public and manufacturers – of vehicles, vehicle components, and aftermarket devices – to maintain awareness of potential issues and cybersecurity threats related to connected vehicle technologies in modern vehicles.
 
How are computers used in modern motor vehicles?
Motor vehicles contain an increasing number of computers in the form of electronic control units (ECUs). These ECUs control numerous vehicle functions from steering, braking, and acceleration, to the lights and windshield wipers. A wide range of vehicle components also have wireless capability: from keyless entry, ignition control, and tire pressure monitoring, to diagnostic, navigation, and entertainment systems. While manufacturers attempt to limit the interaction between vehicle systems, wireless communications, and diagnostic ports, these new connections to the vehicle architecture provide portals through which adversaries may be able to remotely attack the vehicle controls and systems. Third-party devices connected to the vehicle, for example through the diagnostics port, could also introduce vulnerabilities by providing connectivity where it did not exist previously.
 
What are some of the ways an attacker can access vehicle networks and driver data?
Vulnerabilities may exist within a vehicle’s wireless communication functions, within a mobile device – such as a cellular phone or tablet connected to the vehicle via USB, Bluetooth, or Wi-Fi – or within a third-party device connected through a vehicle diagnostic port. In these cases, it may be possible for an attacker to remotely exploit these vulnerabilities and gain access to the vehicle’s controller network or to data stored on the vehicle. Although vulnerabilities may not always result in an attacker being able to access all parts of the system, the safety risk to consumers could increase significantly if the access involves the ability to manipulate critical vehicle control systems.
 
Example: Recently Demonstrated Remote Exploits
Over the past year, researchers identified a number of vulnerabilities in the radio module of a MY2014 passenger vehicle and reported its detailed findings in a whitepaper published in August 2015.a The vehicle studied was unaltered and purchased directly from a dealer. In this study, which was conducted over a period of several months, researchers developed exploits targeting the active cellular wireless and optionally user-enabled Wi-Fi hotspot communication functions. Attacks on the vehicle that were conducted over Wi-Fi were limited to a distance of less than about 100 feet from the vehicle. However, an attacker making a cellular connection to the vehicle’s cellular carrier – from anywhere on the carrier’s nationwide network – could communicate with and perform exploits on the vehicle via an Internet Protocol (IP) address.
 
In the aforementioned case, the radio module contained multiple wireless communication and entertainment functions and was connected to two controller area network (CAN) buses in the vehicle. Following are some of the vehicle function manipulations that researchers were able to accomplish.
  • In a target vehicle, at low speeds (5-10 mph):
    • Engine shutdown
    • Disable brakes
    • Steering
  • In a target vehicle, at any speed:
    • Door locks
    • Turn signal
    • Tachometer
    • Radio, HVAC, GPS
What did the manufacturer in the recent case do to fix or mitigate the identified vulnerabilities?
In this case, NHTSA believed the vulnerability represented an unreasonable risk to safety based on a number of critical factors: once exploited, the vulnerability allowed access to and manipulation of critical vehicle control systems; the population of vehicles potentially at risk was huge; and the likelihood of exploitation was great given that the researchers were scheduled to publish the bulk of their work product. As a result, almost one and a half million vehicles were recalled (NHTSA Recall Campaign Number: 15V461000). Before the researchers’ report was released, the cellular carrier for the affected vehicles blocked access to one specific port (TCP 6667) for the private IP addresses used to communicate with vehicles. However, the recall was still necessary to mitigate other, short-range vulnerabilities.
 
The manufacturer and cell service provider have provided a remedy to mitigate the specific vulnerabilities. The manufacturer announced it would notify owners of vehicles affected by the recall and would mail them a USB drive containing the update and additional security features for the vehicle software. Alternatively, the manufacturer announced that owners could visit a Web site to check if their vehicle was included in the recall and to download the software update to a USB drive. Owners who did not wish to install the update via USB to their own vehicles were given the option to have their vehicle dealer install the update.
 
Cybersecurity Recalls and Consumer Action
How can consumers determine whether their vehicle has been recalled for a vehicle cybersecurity issue?
When a vehicle is included in a recall, the manufacturer sends a notification to vehicle owners informing them of the issue and how to obtain a free remedy to address the problem.
In general, it is important that consumers maintain awareness of the latest recalls and updates affecting their motor vehicles. This can be done by following the instructions on NHTSA’s safercar.gov Web site, media and news announcements of recalls, contacting your nearest vehicle dealership, or checking the vehicle manufacturer’s Web site for recall-related information. Vehicle owners should check the vehicle’s VIN for recalls at least twice per year using this Web link: http://vinrcl.safercar.gov
 
Consumers can also look for other related information for their vehicles at the following Web links:
 
How can consumers help minimize vehicle cybersecurity risks?
1. Ensure your vehicle software is up to date
If a manufacturer issues a notification that a software update is available, it is important that the consumer take appropriate steps to verify the authenticity of the notification and take action to ensure that the vehicle system is up to date.
As a note of caution, if manufacturers regularly make software updates for vehicles available online, it is possible that criminals may exploit this delivery method. A criminal could send socially engineered e-mail messages to vehicle owners who are looking to obtain legitimate software updates. Instead, the recipients could be tricked into clicking links to malicious Web sites or opening attachments containing malicious software (malware). The malware could be designed to install on the owner’s computer, or be contained in the vehicle software update file, so as to be introduced into the owner’s vehicle when the owner attempts to apply the update via USB. Additionally, an attacker could attempt to mail vehicle owners USB drives containing a malicious version of a vehicle’s software. To mitigate potential risks, vehicle owners should always:
  • Verify any recall notices received by following the steps for determining whether a vehicle has been recalled for a vehicle cyber security issue, as outlined above.
  • Check on the vehicle manufacturer’s Web site to identify whether any software updates have been issued by the manufacturer.
  • Avoid downloading software from third-party Web sites or file-sharing platforms.
  • Where necessary, always use a trusted USB or SD card storage device when downloading and installing software to a vehicle.
  • Check with the vehicle dealer or manufacturer about performing vehicle software updates.
If uncomfortable with downloading recall software or using recall software mailed to you, call your dealer and make an appointment to have the work done by a trusted source.
 
2. Be careful when making any modifications to vehicle software
Making unauthorized modifications to vehicle software may not only impact the normal operation of your vehicle, but it may introduce new vulnerabilities that could be exploited by an attacker. Such modifications may also impact the way in which authorized software updates can be installed on the vehicle.
 
3. Maintain awareness and exercise discretion when connecting third-party devices to your vehicle
All modern vehicles feature a standardized diagnostics port, OBD-II, which provides some level of connectivity to the in-vehicle communication networks. This port is typically accessed by vehicle maintenance technicians, using publicly available diagnostic tools, to assess the status of various vehicle systems, as well as to test emissions performance. More recently, there has been a significant increase in the availability of third-party devices that can be plugged directly into the diagnostic port. These devices, which may be designed independent of the vehicle manufacturer, include insurance dongles and other telematics and vehicle monitoring tools. The security of these devices is important as it can provide an attacker with a means of accessing vehicle systems and driver data remotely.
While in the past accessing automotive systems through this OBD-II port would typically require an attacker to be physically present in the vehicle, it may be possible for an attacker to indirectly connect to the vehicle by exploiting vulnerabilities in these aftermarket devices. Vehicle owners should check with the security and privacy policies of the third-party device manufacturers and service providers, and they should not connect any unknown or un-trusted devices to the OBD-II port.
 
4. Be aware of who has physical access to your vehicle
In much the same way as you would not leave your personal computer or smartphone unlocked, in an unsecure location, or with someone you don’t trust, it is important that you maintain awareness of those who may have access to your vehicle.
 
What should you do if you suspect you are a victim of vehicle hacking?
In much the same way as you would not leave your personal computer or smartphone unlocked, in an unsecure location, or with someone you don’t trust, it is important that you maintain awareness of those who may have access to your vehicle.
 
1. Check for outstanding vehicle recalls or vehicle software updates
It is important that you check to identify whether there are any outstanding recalls related to your vehicle. This can be done by following the steps outlined above. You may also check on the manufacturer’s Web site to determine whether there are any software updates that may need to be applied.
 
2. Contact the vehicle manufacturer or authorized dealer
An important step is being able to diagnose whether any anomalous vehicle behavior might be attributable to a vehicle hacking attempt. Contact your vehicle manufacturer or authorized dealer and provide them with a description of the problem so that they can work with you to resolve any potential cyber security concerns.
 
3. Contact the National Highway Traffic Safety Administration
In addition to contacting the manufacturer or authorized dealer, please report suspected hacking attempts and perceived anomalous vehicle behavior that could result in safety concerns to NHTSA by filing a Vehicle Safety Complaint.

4. Contact the FBI
In addition to the above steps, please reach out to your local FBI field office and the Internet Crime Complaint Center (IC3).

Agency and Industry Action
What is NHTSA doing on vehicle cyber security?
NHTSA is the regulatory agency that sets and enforces the federal motor vehicle safety standards for new vehicles. They are actively working on several initiatives to improve the cyber security posture of vehicles in the United States. More information about their vehicle cyber security activities can be found at:
 
What are automakers doing on vehicle cyber security?
In addition to the steps taken by individual automakers to address vehicle safety and security, the auto industry has established an Information Sharing and Analysis Center (ISAC) to provide a trusted mechanism for exchanging cyber security information. The Auto ISAC will act as a central hub for gathering intelligence to help the industry analyze, share, and track cyber threats. Automakers are also collaborating on best practices for enhancing the cyber resiliency of motor vehicle electronics and associated in-vehicle networks.