Washington : The US government confirmed Wednesday that a massive hack had occurred in at least two federal departments, including the US Treasury and the Department of Commerce.
"This is a developing situation, and while we continue to work to understand the full extent of this campaign, we know this compromise has affected networks within the federal government," said a joint statement from the FBI, Cybersecurity and Infrastructure Security Agency (CISA), and Office of the Director of National Intelligence (ODNI).
"The FBI is investigating and gathering intelligence in order to attribute, pursue, and disrupt the responsible threat actors," the statement said.
Russian hackers are believed to be behind the attack. Hackers were able to monitor internal email traffic at the Treasury and Department of Commerce. Reuters news agency reported earlier this week that people involved with the investigation were concerned that what the hacks have already revealed may just be the tip of the iceberg.
Hackers were able to access federal agencies through holes in software from US-based company SolarWinds. The company offered updates to its Orion software in March that unknowingly included hidden malicious code that could give hackers the same views as in-house IT crews. Some 18,000 SolarWinds' clients are thought to have downloaded the compromised updates.