Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Observer Research Foundation America

Observer Research Foundation America Vendor Cyber Rating & Cyber Score

orfamerica.org

The Observer Research Foundation America (ORF America) is an independent, non-partisan, and nonprofit organization in Washington DC dedicated to addressing policy challenges facing the United States, India, and their partners in a rapidly changing world. ORF America produces research, curates diverse and inclusive platforms, and develops networks for cooperation between the developed and developing worlds based on common values and shared interests. Its areas of focus are international affairs and security, technology policy, energy and climate, and economic development. Established in 2020, ORF America is an overseas affiliate of the Observer Research Foundation (ORF), India’s premier non-government think tank.


ORFA A.I CyberSecurity Scoring

ORFA
Company Information
Website:https://orfamerica.org
Employees number:29
Number of followers:8,312
NAICS:54172
Industry Type:Think Tanks
Homepage:orfamerica.org
ORFA Risk Score (AI oriented)
Between 700 and 749
logo
ORFAThink Tanks
Updated:
04/04/2026
734/1000
Moderate
Ba
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
ORFA Global Score (TPRM)
xxxx
logo
ORFAThink Tanks
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

ORFA
ORFAModerate
Current Score
734Ba (MODERATE)
01000
1 incidents
-17 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
736Before Incident
JUNE 2026
736Before Incident
MAY 2026
735Before Incident
APRIL 2026
735Before Incident
MARCH 2026
734Before Incident
FEBRUARY 2026
733Before Incident
JANUARY 2026
733Before Incident
DECEMBER 2025
733Before Incident
NOVEMBER 2025
749Before Incident
Cyber Attack
06 Nov 2025ORFA
Government entities and think tanks (targeted by Kimsuky)

Kimsuky Multi-Stage Malware Campaign Leveraging VS Code Extensions and GitHub for C2

732After Incident
CRITICAL-17
OBS1093010110625
Security researchers uncovered a sophisticated multi-stage attack campaign by Kimsuky, a North Korean state-sponsored threat group, targeting government agencies and think tanks. The attack leveraged Visual Studio Code extensions, GitHub, and compromised subdomains (e.g., *iuh234.medianewsonline[.]com*) as command-and-control (C2) infrastructure to deploy ransomware and reconnaissance malware. The infection chain began with a JavaScript file (*Themes.js*), which downloaded secondary payloads to harvest system details, running processes, and files from the *Users* directory. Collected data was exfiltrated via encoded cabinet files using certutil (a Living-Off-The-Land Binary) to evade detection. Persistence was established via a scheduled task (*Windows Theme Manager*), ensuring long-term access even after reboots. The campaign demonstrated espionage-focused tactics, with attackers conducting extensive system reconnaissance before potential ransomware deployment. The use of legitimate platforms (GitHub, VS Code extensions) for C2 and social engineering lures (e.g., *E-CARD.docx*) highlights the group’s ability to bypass traditional defenses. The attack poses severe risks to national security, sensitive government data, and critical infrastructure, with implications for geopolitical stability if high-value intelligence is compromised.
INCIDENT DETAILS -
TYPE
EspionageMalwareRansomware (potential)Data Exfiltration
MOTIVATION
EspionagePotential Ransomware DeploymentHigh-Value Target Reconnaissance
IMPACT
System detailsRunning processesFiles in Users directoryComputer namePersistent access via scheduled tasksData exfiltrationPotential follow-on ransomware/espionage
DATA BREACH
System metadataProcess listsUser directory filesSensitivity Of Data: Moderate to High (system reconnaissance data)Certutil (LOLBIN) for cabinet file encoding
OCTOBER 2025
749Before Incident
SEPTEMBER 2025
749Before Incident
AUGUST 2025
749Before Incident

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for ORFA ?
?
What was ORFA's A.I Rankiteo Cyber Score in June 2026 ?
?
What was ORFA's A.I Rankiteo Cyber Score in May 2026 ?
?
What was ORFA's A.I Rankiteo Cyber Score in April 2026 ?
?
What was ORFA's A.I Rankiteo Cyber Score in March 2026 ?
?
What was ORFA's A.I Rankiteo Cyber Score in February 2026 ?
?
What was ORFA's A.I Rankiteo Cyber Score in January 2026 ?
?
What was ORFA's A.I Rankiteo Cyber Score in December 2025 ?
?
What was ORFA's A.I Rankiteo Cyber Score in November 2025 ?
?
What was ORFA's A.I Rankiteo Cyber Score in October 2025 ?
?
What was ORFA's A.I Rankiteo Cyber Score in September 2025 ?
?
What was ORFA's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on ORFA's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with ORFA ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view ORFA's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?