Sector Alert TLP White: Department of Homeland Security releases Cloud/Email compromise detection tool Sparrow, Dec 29, 2020

In mid-December 2020, it was widely reported that a highly sophisticated, large-scale supply chain cyberattack had been conducted against the SolarWinds Orion network management platform, likely impacting almost 18,000 customers. Victim organizations include both government and private sector entities across many industry verticals, including healthcare. The federal government continues to investigate the full scope of the campaign, and to develop and highlight actions individual organizations can take to identify associated malicious activity and secure their infrastructure against future compromises. As part of this effort, the Department of Homeland Security (DHS) is releasing a free tool called Sparrow for detecting unusual and potentially malicious activity, which can be found here.