I couldn’t tweet a better description than the headline for this piece: After SolarWinds breach, lawmakers ask NSA for help in cracking Juniper cold case.

For those who haven’t heard this story, the context here is back in 2015 hackers broke into the source code repository of Juniper’s NetScreen firewalls and introduced serious vulnerabilities. 1/

Everyone has heard of the SolarWinds supply chain attack, but almost nobody outside our little community remembers Juniper. We don’t even know who the ultimate victim was. And there’s a reason for that. 2/

The reason is simple: following the Juniper hack, the FBI and Juniper put a tight lid on everything. Nobody, including members of Congress, were able to get straight answers about who did it or what the target was. So it vanished from our collective memory. 3/

This has real consequences. To some extent our lack of preparedness for SolarWinds is a direct result of our government’s decision to pretend that the previous major supply-chain attacks didn’t happen. 4/