Insider threats run deep throughout corporate America and the developer community across the globe. What makes supply chain compromises so fascinating is the patience of these subterranean, foreign-controlled agents and their cloaking mechanisms. Thanks to FireEye, we at least have a better understanding of the C2 (description here). The Russian S.V.R. will continue to target the weakest links and move laterally to their targets across all industry sectors. What happened with SolarWinds is not just an intelligence failure, but a failure of cybersecurity tools to identify, protect, and respond in real time. Why are we so complacent about that? The New York Times has an excellent piece here that will get you thinking about who you trust.
Regardless of motive, doing so is likely illegal, under U.S. and some foreign laws, and could result in civil and/or criminal liability.” What makes hacking back “likely illegal” is the Computer Fraud and Abuse Act.