In 2020, cybersecurity company Mandiant’s computer system was compromised by an intruder exploiting an innocuous crack: routine software updates pushed out by another company, SolarWinds. Mandiant was one of nearly 18,000 organizations to receive the compromised software.
The attack, a supply-chain hack by a Russian intelligence agency, demonstrates the trade-off between system coordination and vulnerability to attack, according to science and technology scholar Rebecca Slayton.[1] “Standards