The SolarWinds cyber attack, attributed to Russian Foreign Intelligence Service (SVR) operatives, represented a sophisticated and long-undetected espionage campaign that compromised the SolarWinds Orion software. This breach, one of the most consequential to date, allowed hackers to infiltrate the networks of thousands of SolarWinds customers, including U.S. government agencies and numerous private sector organizations. The attackers exploited the supply chain vulnerability to insert malicious code into the company's software system. The breach was significant not just for the scale and sensitivity of the information accessed but also for the depth of access the attackers achieved into the networks of critical infrastructure entities, leading to concerns over national security and the integrity of critical IT infrastructure. The attackers' ability to remain undetected for months underscored the sophisticated nature of the operation and the challenge of defending against state-sponsored cyber espionage.
Source: https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-110a
"id": "sol1016050824",
"linkid": "solarwinds",
"type": "Vulnerability",
"date": "04/2021",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"