SolarWinds supply chain attack

GPTKB entity

Statements (50)
Predicate Object
gptkbp:instanceOf cybercrime
gptkbp:affects gptkb:Department_of_Homeland_Security
gptkb:Microsoft
gptkb:FireEye
gptkb:U.S._Department_of_State
gptkb:U.S._government_agencies
gptkb:U.S._Department_of_Commerce
gptkb:U.S._Treasury_Department
private companies
gptkbp:alsoKnownAs gptkb:Sunburst_attack
gptkbp:announced gptkb:FireEye
gptkbp:attributedTo gptkb:Cozy_Bear
gptkb:Russian_state-sponsored_hackers
gptkbp:category cybercrime
data breach
supply chain attack
gptkbp:dataCompromised Orion software updates
gptkbp:discoveredIn 2020
gptkbp:duration March 2020 to December 2020
gptkbp:exploits software update mechanism
https://www.w3.org/2000/01/rdf-schema#label SolarWinds supply chain attack
gptkbp:investigatedBy gptkb:NSA
gptkb:CISA
gptkb:FBI
private cybersecurity firms
gptkbp:ledTo Congressional hearings
increased cybersecurity measures
U.S. government sanctions against Russia
gptkbp:method supply chain compromise
gptkbp:notableFor impact on national security
scale and sophistication
gptkbp:prompted executive order on cybersecurity
increased scrutiny of software supply chains
patches and updates to Orion software
review of federal cybersecurity policies
gptkbp:response gptkb:Microsoft
gptkb:U.S._government
gptkb:Cybersecurity_and_Infrastructure_Security_Agency
gptkb:SolarWinds
gptkbp:resultedIn compromise of email accounts
loss of trust in software supply chains
theft of sensitive data
gptkbp:revealedTo December 2020
gptkbp:target gptkb:SolarWinds_Orion_software
gptkbp:usesMalware gptkb:Raindrop
gptkb:TEARDROP
gptkb:SUNBURST
gptkbp:victim over 18,000 organizations
gptkbp:bfsParent gptkb:Cozy_Bear
gptkbp:bfsLayer 6