SolarWinds

The SolarWinds cyber attack, identified in December 2020, stands as one of the most significant and widespread cybersecurity breaches involving a supply chain attack vector. Russian Foreign Intelligence Service (SVR) operatives executed this meticulously planned operation, subtly compromising the software development process of SolarWinds' Orion Platform. By inserting a malicious code into the software updates, the attackers managed to infiltrate the networks of approximately 18,000 SolarWinds customers, including U.S. federal agencies, critical infrastructure entities, and numerous private sector organizations globally. The severity of this breach lies not only in the scale and high-profile nature of the targeted entities but also in the potential access gained to sensitive information and the compromise of national security interests. The attackers demonstrated advanced capabilities, staying undetected for months while accessing sensitive data. This incident highlighted the vulnerabilities in the supply chain and the significant impact such breaches can have on national security, corporate governance, and consumer trust.

Source: https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-110a

"id": "sol201050824",
"linkid": "solarwinds",
"type": "Cyber Attack",
"date": "05/2022",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"