Read the original article: SolarWinds attack explained: And why it was so hard to detect
The recent breach of major cybersecurity company FireEye by nation-state hackers was part of a much larger attack that was carried out through malicious updates to a popular network monitoring product and impacted major government organizations and companies. The incident highlights the severe impact software supply chain attacks can have and the unfortunate fact that most organizations are woefully unprepared to prevent and detect such threats.
A hacker group believed to be affiliated with the Russian government gained access to computer systems belonging to multiple US government departments including the US Treasury and Commerce in a long campaign that is believed to have started in March. The news triggered an emergency meeting of the US National Security Council on Saturday.
Read the original article: SolarWinds attack explained: And why it was so hard to detect