The FBI and Department of Homeland Security today released recommendations to help organizations secure their networks from ongoing cyber threats from the Russian Foreign Intelligence Service, which recently exploited software updates to the widely used SolarWinds information technology performance-monitoring platform.

“This joint advisory provides analysis of the tactics, techniques and procedures of the adversary and details specific steps to help identify corrupted software updates,” said John Riggi, AHA senior advisor for cybersecurity and risk. “Corrupted updates from ‘trusted’ sources are extremely difficult to defend against, but implementing some of the advisory’s recommendations, such as auditing log files to identify attempts to access privileged certificates and creation of fake identities, will help mitigate the threat.” 

For more on the SolarWinds breach, see the recent AHA and Health Information Sharing and Analysis Center (Health-ISAC) white paper or contact Riggi at jriggi@aha.org.
 

Related News Articles

Headline
The FBI, Cybersecurity and Infrastructure Security Agency and international agencies July 29 released a joint advisory on recent tactics by the Scattered…
Headline
Microsoft July 22 released an update on the ongoing cyberattacks to SharePoint servers used within organizations, attributing the incidents to China-based…
Headline
The FBI, Cybersecurity and Infrastructure Security Agency, Department of Health and Human Services, and Multi-State Information Sharing and Analysis Center…
Headline
Microsoft July 19 issued an alert about active attacks from vulnerabilities targeting SharePoint servers used within organizations. The incidents have not…
Headline
In his latest AHA Cyber and Risk Intel blog, Scott Gee, AHA deputy national advisor for cybersecurity and risk, explains how hospitals can prepare for and…
AHA Cyber Intel
In today’s heightened threat environment, driven by domestic and geopolitical issues, it is more critical than ever for hospitals to prepare for and mitigate…