In March 2020, hackers believed to be operating on behalf of a foreign government infiltrated software provider SolarWinds and then deployed a malware-infected update for its Orion software to infect numerous government and company networks.

It appears that the goal of the attackers was not to compromise SolarWinds per se but to use the software provider and its software update as a Trojan Horse for access into their customers' networks. From March through to June 2020 any customer that downloaded the software update also received the malware from the attackers: it is reported that nearly 18,000 customers of SolarWinds received the updates.

Click on the link on the right hand side to download the full document.