SolarWinds supply-chain hack is disclosed after hitting federal agencies

FireEye and SolarWinds disclosed that Russian Foreign Intelligence Service (SVR) hackers had inserted a backdoor called SUNBURST into SolarWinds' Orion network-management software, which had been pushed in trojanized updates to roughly 18,000 customers. Federal victims included the Treasury, Commerce, State, Energy, and Homeland Security departments, plus CISA itself. The disclosure prompted CISA to issue Emergency Directive 21-01 ordering federal agencies to disconnect Orion. The breach reshaped federal supply-chain security policy.