We have identified a global campaign that introduces a compromise into the networks of public and private organizations through the software supply chain, FireEye CEO Kevin Mandia announced in a Sunday blog post. This compromise is delivered through updates to a widely used IT infrastructure management software - the Orion network monitoring product from SolarWinds. The campaign demonstrates top-tier operational tradecraft and resourcing consistent with state-sponsored threat actors.
Left unsaid in Mandia s statement was that FireEye was one of the victims of the campaign against an unknown number of SolarWinds customers, which include hundreds of the world s largest companies and government agencies, including the U.S. National Security Agency.