The Sunburst attack compromised around 18,000 systems across the globe, with many of those impacted still not yet sure what the final impact will be. Whilst the most prominent victims of the attacks were federal agencies including the Department of Homeland Security and parts of the Pentagon, attackers also gained access to fundamental systems of more than 425 of the top Fortune 500 list, the top 10 telecommunications companies, and five branches of the military.
The attack was caused by a routine software update. It is a common best practice to keep all Operating Systems, software applications and systems updated with the very latest releases to ensure that the latest bug fixes and vulnerabilities are closed off. As many diligent IT administrators followed their standard processes and upgraded as soon as possible, this update led to 18,000 networks allowing a malicious trojan onto their networks which lay dormant for a couple of weeks before it started to act.