NIST, CISA call for Rethinking Security in Wake of Supply Chain Attack. SolarWinds supply chain attack should prompt federal agencies to rethink how they approach security issues. Hackers implanted a backdoor in a software update for SolarWind’s Orion network monitoring platform. The update with the backdoor was eventually installed by about 18,000 of the company’s customers. The hackers gained domain administrative credentials for Active Directory, which could lead to full identity compromise for on-premises networks and infrastructure.”]
Source: https://www.bankinfosecurity.com/lesson-from-solarwinds-attack-its-time-to-beef-up-iam-a-16115