Security vendor FireEye uncovered the SolarWinds campaign when investigating a breach of its own network recently that resulted in several of its offensive hacking tools being stolen. The threat actor, UNC2452, inserted a backdoor dubbed SUNBURST into a digitally signed component of SolarWind’s Orion network management product. The malware was concealed in legitimate updates to the product distributed between March and June of this year. Attackers could use their access to disrupt operations, causing production stoppages or, worse, safety and environmental incidents.”]