The U.S. government confirmed Wednesday that several of its networks were affected by a recent hacking campaign widely suspected to be led by the Russian government, calling the attack “significant and ongoing.
The hack targeted users of the software company SolarWinds, using its platform to peer into computer networks for various U.S. government agencies and Fortune 500 companies.
The U.S. Department of Homeland Security and the federal Treasury and Commerce departments were among the agencies affected.


“This is a developing situation, and while we continue to work to understand the full extent of this campaign, we know this compromise has affected networks within the federal government,” said a joint statement issued by the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and the Office of the Director of National Intelligence (ODNI).
Officials widely suspect Russia is behind the attack, although the joint statement does not say who investigators believe is responsible. It also doesn’t specifically mention which agencies were impacted.


SolarWinds said up to 18,000 of its customers had downloaded a compromised software update that allowed hackers to spy unnoticed on businesses and agencies for almost nine months. The company says the attack was directed by an “outside nation state,” but has also not named Russia.
“Over the course of the past several days, the FBI, CISA, and ODNI have become aware of a significant and ongoing cybersecurity campaign,” the joint statement said.
“The FBI is investigating and gathering intelligence in order to attribute, pursue, and disrupt the responsible threat actors,” the statement said.
The FBI, CISA and ODNI have formed a Cyber Unified Coordination Group to coordinate the U.S. government’s response, it said.