SolarWinds Details

    SolarWinds

    Austin, TX • 2305 employees • Information Technology

    Industry

    Information Technology

    Security Incidents

    1

    Security Incidents

    SolarWinds Breach of Oct 2020
    Severity Score
    High

    Type

    3rd Party Compromise

    Summary

    In December 2020, the cybersecurity firm FireEye uncovered a large-scale cyber-espionage operation involving a supply chain attack on SolarWinds' Orion software. This sophisticated campaign, attributed to a group designated UNC2452, utilized a compromised update to install a backdoor known as SUNBURST. This malware allowed attackers to execute a variety of commands on infected systems, facilitating espionage activities against numerous public and private sector organizations worldwide, including notable U.S. governmental bodies. During this operation, attackers employed advanced stealth techni...

    Severity

    The SolarWinds cyber attack was an extraordinarily sophisticated operation orchestrated by Russian intelligence, targeting government agencies and major corporations. This advanced and stealthy attack utilized a supply chain compromise by infiltrating the widely-used SolarWinds software with malicious code that propagated through routine updates. Reportedly, over 18,000 customers were compromised, including critical U.S. government departments, highlighting the massive scale of this breach.

    This incident represents one of the most significant and complex cyber espionage cases known to date. T...

    Impact

    The infamous SolarWinds incident was a large-scale cyber espionage attack predominantly attributed to Russian state actors exploiting vulnerabilities in SolarWinds' Orion software. This attack was characterized by a sophisticated supply chain compromise where malware, dubbed SUNBURST, was injected into Orion updates. It ultimately affected a wide range of public and private entities, including key U.S. government agencies, leading to unauthorized access and data extraction. Criticized for its weak security culture, Microsoft’s vulnerabilities were notably a significant entry point for the atta...