The massive hacking campaign disclosed by U.S. officials this week and tentatively attributed to the Russian government extended beyond users of pervasive network software that had been compromised.
The Department of Homeland Security said in a bulletin on Thursday that the spies had used other techniques besides corrupting updates of network management software by SolarWinds , which is used by hundreds of thousands of companies and government agencies.
"The SolarWinds Orion supply chain compromise is not the only initial infection vector this APT actor leveraged," said DHS's Cybersecurity and Infrastructure Security Agency, referring to "advanced persistent threat" adversaries.