The SolarWinds software supply-chain compromise caught many people off guard despite warnings that supply chains pose substantial risks. The attack is unprecedented because of “its capability to cause significant physical consequences,” says University of Richmond management professor Shital Thekdi, an expert on risk management and industrial and operations engineering. By this point, attacks are largely thought to have begun as far back as October 2019when hackers breached the companys Texas office, FBI, CISA, NSA, OD, CNI, FBI and NSA jointly released a joint statement.”]
Source: https://www.csoonline.com/article/3613571/the-solarwinds-hack-timeline-who-knew-what-and-when.html