Several U.S. government agencies and large organizations were hit by cyberattacks due to a vulnerability in the IT infrastructure provider SolarWinds.
Many government agencies and Fortune 500 companies use SolarWinds, which contributed to the severity of the attack.
Organizations were forced to continue working with SolarWinds despite knowing that a breach had occurred.
The attack resulted from a weak password, “solarwinds123”, that an intern had used.
The attack affected thousands of SolarWinds’ clients, causing billions in damages.
Source: https://securityaffairs.co/wordpress/139160/data-breach/worst-data-breaches.html
TPRM report: https://scoringcyber.rankiteo.com/company/solarwinds
{
  "id": "sol22751222",
  "linkid": "solarwinds",
  "type": "Vulnerability",
  "date": "02/2021",
  "severity": "60",
  "impact": "3",
  "explanation": "Attack with significant impact with internal employee data leaks"
}
{'affected_entities': [{'customers_affected': 'Thousands of clients',
                        'industry': 'Technology',
                        'name': 'SolarWinds',
                        'type': 'IT infrastructure provider'}],
 'attack_vector': 'Vulnerability in IT infrastructure',
 'description': 'Several U.S. government agencies and large organizations were '
                'hit by cyberattacks due to a vulnerability in IT '
                'infrastructure provider – SolarWinds.',
 'impact': {'financial_loss': 'Billions in damages'},
 'post_incident_analysis': {'root_causes': 'Weak password'},
 'title': 'SolarWinds Cyberattack',
 'type': 'Cyberattack',
 'vulnerability_exploited': "Weak password ('solarwinds123')"}