Cyber Supply Chain Security

The SolarWinds supply chain attack that came to light nine months ago, brought into sharp focus the risk of purchasing software or hardware with deliberately or accidentally built-in weaknesses. Many organizations around the globe understood for the first time that the risk was higher than they had ever expected.

Perhaps the most shocking thing to come to light was the fact that the software supplier had been compromised more than a year before the breach and malicious activity was discovered, and not by Solar Winds, but a third-party security firm.

By breaching SolarWinds, the attackers were able to insert backdoor malware in the Orion network management system code that was delivered to Orion customers in an update to the Orion software. The backdoor was designed to enable the attackers to impersonate users and accounts of victim organizations.

Because the breach by suspected nation-state attackers affected more than 30,000 organizations, both public and private around the...

This publication is only available to our subscribers.

Register and read on!

Sign up for the Professional or Specialist Subscription Packages to access the entire body of KuppingerCole research including this blog.

I have an account
Log in  
Register your account to start 30 days of free trial access
Subscribe to become a client
Choose a package  

Stay Connected

KuppingerCole on social media

Subscribe to our Podcasts

KuppingerCole Podcasts - listen anywhere

How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00