The Solar Winds attack exploited vulnerabilities which we continue to tolerate

The cyber attack still unfolding in the US may turn out to be the most serious nation-state espionage campaign in history. Assessing the possible damage and clearing up the infection will take many months and will extend to the thousands of government departments and FTSE companies in many countries that used SolarWinds Orion software for managing their networks, since it was the regular upgrades to this which delivered at least part of the infection. If Russian intelligence agencies were responsible, we should assume the damage goes beyond mere espionage – they may use the access to alter, monetise or destroy corporate and government data.