HC3 Threat Briefing TLP White – Beyond Orion: Other Vectors in the SolarWinds Hack

January 11, 2021

Please see the attached weekly threat brief from the HHS Health Sector Cybersecurity Coordination Center (HC3). This report provides a briefing on additional vectors in the SolarWinds hack and covers the following topics: 

  • BLUF: The hack goes beyond Orion
  • SolarWinds Orion
  • The SolarWinds Hack
  • What is VMWare?
  • December 7th National Security Agency (NSA) Alert
  • December 17th NSA Advisory
  • Krebs on Security and VMWare’s Response
  • Multi-Factor Authentication (MFA) Compromise
  • Danger to the HPH Sector
  • Mitigations
  • References

Key Resources

Related Resources

Special Bulletin
Senate Deal Reached to End Government Shutdown
Member
Guides and Reports
Strategies for Cyber Preparedness in Health Care
Advisory
Hospitals That Are Oracle Customers Urged to Take Immediate Action to Address Security Vulnerability
Public
Issue Landing Page
Cybersecurity and Risk Advisory Service
Issue Landing Page
Support for Your Cybersecurity Program
Guides and Reports
Cybersecurity and Risk Advisory Services