This is called a supply-chain attack, because it targets a supplier to an organization rather than an organization itself—and can affect all of a supplier’s customers. It’s an increasingly common way to attack networks. Other examples of this sort of attack includefake appsin the Google P...
too, companies that were focused on election security, like FireEye and Microsoft, are now revealing that they were breached as part of the larger supply chain attack.
“Inside American intelligence agencies, there have been warnings that the SolarWinds attack — which enabled the SVR to place ‘back doors’ in the computer networks — could give Russia a pathway for malicious activity against government agencies and corporations,” The Times observed....