The Russian APT group Cozy Bear inserted malware into a service that pushes software updates for SolarWinds’ Orion platform, which is used across countless U.S. government agencies and Fortune 500 firms. FireEye was the first to reveal that it had fallen victim to the intrusion and later presented evidence that the Orion platform was compromised as far back as March 2020.
Suspected victims
- More than eighteen thousand SolarWinds customers
Suspected state sponsor
- Russian Federation
Type of incident
- Espionage
Target category
- Government
- Private sector
- Military
Victim government reaction
- Yes
Policy response
Read more
- Security News This Week: Russia's SolarWinds Hack Is a Historic Mess
- SolarWinds Hack Could Affect 18K Customers
- SolarWinds not the only company used to hack targets, tech execs say at hearing
- FACT SHEET: Imposing Costs for Harmful Foreign Activities by the Russian Government
- US institutes new Russia sanctions in response to SolarWinds hack