Joint H-ISAC, AHA White Paper Strategic Threat Intelligence: Preparing for the Next “Solarwinds” Event April 2021

Health-ISAC, in cooperation with the American Hospital Association, has published our Strategic Threat Intelligence: Preparing for the Next "SolarWinds" Event report, which focuses on the key characteristics contributing to many enterprise network compromises, including the recent SolarWinds Orion incident.

The paper is meant for all audiences, non-technical and technical, as it presents strategic level decision elements that senior leaders including C-Suite Executives can use to help understand the risks involved with certain enterprise IT systems in their network environment. The intelligence also provides detailed technical analysis and recommendations for IT and information security teams to help address immediate concerns by providing tactical mitigations and recommendations. For our technical audience, this paper presents a detailed analysis of characteristics that allowed the SolarWinds incident to affect multiple industries, organizations, and systems.

The ability to extract the characteristics and features of SolarWinds could allow organizations to predict and hopefully prevent the next “SolarWinds”-like event in their enterprise environments. Key topics from the report include:

  • Executive Summary
  • SolarWinds - Characteristics that made the attack possible
  • Other examples from the past
  • HP OpenView (2009)
  • Wannacry (2017)
  • Petya and NotPetya (2017)
  • SAP Solution Manager (SolMan) (2021)
  • Technical Recommendations
  • Recommendations from Health-ISAC and AHA
  • Resources

View the entire white paper below. 

Related Resources

Advisory
Member
The FBI, jointly with the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of the Treasury, today issued a public cybersecurity…
Letter/Comment
Public
The American Hospital Association (AHA) writes in support of the Protecting and Transforming Cyber Health Care (PATCH) Act (S.3983). AHA and its members are…
AHA Center for Health Innovation Market Scan
Health care is under attack as never before from cybercriminals, and the stakes are rising for hospitals and patient safety. The latest potential threat: The…
Advancing Health Podcast
Public
Over the past few years every leader of health care organization in the country has had to acknowledge the threat of a cyberattack that has the potential to…
Advancing Health Podcast
Public
In this special Cybersecurity podcast we have the opportunity to talk to leaders of an AHA member hospital who was a victim of a major ransomware attack in the…
Letter/Comment
Public
AHA letter to Senators Jack Rosen and Bill Cassidy, M.D. voicing support of the Healthcare Cybersecurity Act (S.3904).