HC3 Threat Briefing TLP White – Beyond Orion: Other Vectors in the SolarWinds Hack

January 11, 2021

Please see the attached weekly threat brief from the HHS Health Sector Cybersecurity Coordination Center (HC3). This report provides a briefing on additional vectors in the SolarWinds hack and covers the following topics: 

  • BLUF: The hack goes beyond Orion
  • SolarWinds Orion
  • The SolarWinds Hack
  • What is VMWare?
  • December 7th National Security Agency (NSA) Alert
  • December 17th NSA Advisory
  • Krebs on Security and VMWare’s Response
  • Multi-Factor Authentication (MFA) Compromise
  • Danger to the HPH Sector
  • Mitigations
  • References

Key Resources

Related Resources

Letter/Comment
AHA Responds to CISA Proposed Rule on Cyber Incident Reporting Requirements
Public
Advisory
HHS Issues Alert on Critical Vulnerability in ‘MOVEit,’ File Transfer Platform Used by Health Care Sector
Public
Special Bulletin
AHA Helps Secure New Cybersecurity Resources from Microsoft and Google to Assist Rural Hospitals
Public
Advancing Health Podcast
How to Survive a Cyberattack with Scripps Health: Part Two
Public
Special Bulletin
HHS Authorizes UnitedHealth Group to Make Breach Notifications on Behalf of Providers
Member
Advancing Health Podcast
How to Survive a Cyberattack with Scripps Health: Part One
Public