Orion software compromise

URI: https://gptkb.org/entity/Orion_software_compromise

GPTKB entity

Predicate	Object
gptkbp:instanceOf	cybercrime
gptkbp:affects	gptkb:SolarWinds_Orion_Platform
gptkbp:alsoKnownAs	gptkb:SolarWinds_hack
gptkbp:category	cybercrime nation-state attack
gptkbp:consequence	increased supply chain security awareness global cybersecurity reforms
gptkbp:discoveredBy	gptkb:FireEye
gptkbp:discoveredIn	December 2020
gptkbp:duration	March 2020 to December 2020
gptkbp:enemyOf	supply chain attack
https://www.w3.org/2000/01/rdf-schema#label	Orion software compromise
gptkbp:impact	espionage data breach
gptkbp:method	malicious code injection
gptkbp:notableCompany	gptkb:U.S._government_agencies private sector companies
gptkbp:notableVictim	gptkb:Department_of_Homeland_Security gptkb:Microsoft gptkb:U.S._Department_of_Treasury gptkb:FireEye gptkb:U.S._Department_of_Commerce
gptkbp:perpetrator	suspected Russian state-sponsored group
gptkbp:response	federal investigation software patch released
gptkbp:usesMalware	gptkb:TEARDROP gptkb:SUNBURST
gptkbp:vulnerableTo	gptkb:CVE-2020-10148
gptkbp:bfsParent	gptkb:SolarWinds_investigation
gptkbp:bfsLayer	7