The forensic investigation into the SolarWinds supply chain attack and mitigation efforts are still ongoing and will continue into 2021. Affected organizations likely do not yet know the full extent of infiltration.
While details about how hackers pivoted from SolarWinds to customer networks via the tainted Orion malware have come to light, SolarWinds has not yet said how hackers breached its own network.
This SolarWinds Supply Chain Attack Infographic illustrates the tactics, techniques, and procedures that the hackers used for their attack, the overall impact the data breach causes, as well as the main takeaways for organizations.