On December 13th, FireEye disclosed a global supply chain attack allegedly carried out by a nation-state actor. According to the firm’s threat research, the adversary added a backdoor to the commonly used SolarWinds Orion IT management software, apparently by infiltrating the vendor’s software development pipeline. As a result, any customer that installed the trojanized software update was exposed to the malware, which connects to an attacker-controlled command-and-control server. Once installed, the backdoor enables the threat actor to download additional malware, move laterally within the victim’s environment, exfiltrate data, and conceal tools for remote access in the future.