On December 13, 2020, SolarWinds disclosed that an unknown attacker compromised its network and inserted malicious code (referred to as the Sunburst vulnerability) into software updates for the Orion platform. In what will likely become known as one of the most widespread and damaging cyber attacks in history, approximately 18,000 private and government organizations installed the malicious code as part of their usual patching process. But based on current information, the attacker – which was likely a Russian intelligence service – used the vulnerability to infiltrate only a small fraction of the organizations that installed the malicious code. Therefore, most will find no evidence of further compromise.
