The Impact of Supply Chain Attacks
In the SolarWinds Orion attack in 2020, an adversary was able to gain access to SolarWinds systems through a backdoor and create trojanized updates to the SolarWinds Orion platform. The trojanized Orion update allowed attackers to deploy stealthy malware on the networks of 18,000 SolarWinds customers, among them many US government agencies and organizations, including the Pentagon, the Department of Homeland Security, the FBI, the Army, the Navy, and many more.
The backdoor was delivered through a legitimate software update to a known (trusted) monitoring and management tool. After the backdoor was installed, the adversary took steps to avoid sandbox detection, including waiting days before making any callback to its command-and-control (C2) system.
Why Are They So Dangerous?
Security researchers state that supply chain attacks are some of the most difficult threats to prevent because they take advantage of inherent trust. Beyond that, they are difficult to detect, and they can have longer-lasting residual effects.