Beazley considers the Solarwinds Orion compromise (“SUNBURST” compromise) as a serious incident. Based on analysis by investigators, the attack appears to have been targeted at government agencies and a small number of quasi-governmental organizations and corporations, primarily in the technology sector.
To help you better understand whether your organization might be at risk, we are providing the following self-assessment. Because the attack appears to have been targeted and require manual involvement for the vulnerability to be exploited, we do not believe that the majority of our insureds would benefit from an in-depth forensics engagement merely on the basis of that organization having a vulnerable installation of the Orion platform within their environment.
This risk assessment is intended to help you determine whether an in-depth forensics investigation would be necessary and beneficial or if other actions might be more appropriate. If you have difficulty with any of the questions, please consult with your IT team or provider.