SolarWinds Orion supply chain compromise (SOLARWINDS-2020)
Supply-chain compromise · disclosed 2020-12-13 · region: US · primary attribution: APT29
Earliest known compromise: 2019-09-04
Sectors touched: Information · Software Publishers · National Security · Executive, Legislative & Other General Government Support
Trojanised SolarWinds Orion software update distributed to ~18,000 organisations; ~100 received follow-on intrusions. The most consequential US-government cyber espionage incident of the decade. Triggered the May 2021 Cybersecurity EO 14028.
Supply-chain flow
Trojanised SolarWinds reached 11 named downstream victim(s).
Named victims
- SolarWinds
- Microsoft
- Mandiant
- US Treasury Department
- US Commerce Department
- US State Department
- US Department of Justice
- US Department of Homeland Security
- Cisco
- Intel
- NVIDIA
- VMware
CVEs linked to this incident
Linked sources
This canonical entry pulls together coverage from the other data layers — curated narrative above; raw sources below.
- MITRE campaign: SolarWinds Compromise (C0024)
- CISA/FBI/NCSC advisories: