That's my "light on the Chicken Little, heavy on the realpolitik" hot take on the SolarWinds Orion supply chain attack. "What if CIA and NSA have already been doing to Russia what SVR did to the United States - just without getting caught doing it? It's important to remember that the apparent focus of the hack of Austin, Texas-based SolarWinds' software development pipeline, which resulted in the company's Orion network monitoring software being backdoored, was espionage. In particular, investigators have suggested that Russia's SVR foreign intelligence service may have been behind the hacking campaign. While the Trojanized Orion software was pushed to nearly 18,000 customers, FireEye investigators suspect attackers only pushed additional malware onto devices - escalating the attack and paving the way for data exfiltration - at approximately 50 organizations' networks. From an intelligence standpoint, each of those victims was likely a big fish.