The U.S. government confirmed on Wednesday that a recently hacked campaign was affecting its networks, saying the attack was “significant and ongoing.”
Hackers believed to be working for Russia have been monitoring internal e-mail traffic at US finance and trade departments, Reuters reported earlier this week, quoting people who said they feared the hacks discovered so far could be the tip of the iceberg.
“This is a developmental situation, and as we continue to work to understand the full scope of the campaign, we know that this compromise has affected networks within the federal government,” said a joint statement from the FBI, Cybersecurity and Infrastructure Security Agency (CISA) and Office of the Director of National Intelligence (ODNI).
The technology company SolarWinds Corp, the most important step used by hackers, said up to 18,000 of its customers had downloaded a compromised software update that allowed hackers to spy on companies and agencies unnoticed for nearly nine months.
“In recent days, the FBI, CISA and ODNI have become aware of a significant and ongoing cyber security campaign,” the joint statement said.
“The FBI investigates and collects intelligence to attribute, prosecute and disrupt those responsible actors,” the statement said.
The FBI, CISA and ODNI have formed a Cyber Unified Coordination Group to coordinate the US government’s response, it says.
White House National Security Adviser Robert O’Brien suspended a European trip on Tuesday and returned to Washington to deal with the attack.