SolarWinds

The SolarWinds cyber attack, attributed to Russian state-sponsored actors, represents one of the most significant and sophisticated cybersecurity breaches against the global IT supply chain. The attack involved the compromise of the SolarWinds Orion software update mechanism, which was then used to deploy a malicious update to as many as 18,000 SolarWinds customers. This breach allowed the attackers to conduct espionage and potentially disrupt network operations across numerous U.S. federal agencies, critical infrastructure entities, and private sector organizations. The severity of this incident lies not only in the scale and depth of the intrusion but also in the stealth and sophistication with which the attackers operated, going undetected for several months. The SolarWinds breach underscores the high level of vulnerability in global IT supply chains and the critical need for enhanced cybersecurity vigilance and defense measures.

Source: https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-110a

"id": "sol102050724",
"linkid": "solarwinds",
"type": "Breach",
"date": "12/2020",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"