The hackers that infiltrated into US government agencies for at least nine months ‘genuinely impacted’ about 50 organisations, FireEye, the cyber security firm that identified hacking said.
FireEye CEO Kevin Mandia said that while some 18,000 organisations had the malicious code in their networks, it was the 50 who suffered major breaches.
The US Treasury and departments of homeland security, state and defence are known to have been targeted.
US Secretary of State Mike Pompeo has blamed Russia for the hack.
So too have the chairs of the Senate and House of Representatives’ intelligence committees.
However, President Trump cast doubt on Russia’s role in two tweets on Saturday, hinting instead at Chinese involvement.
Mr Mandia in an interview said the cyber attack “was very consistent” with what US officials know about the work of Russia’s foreign intelligence agency, the SVR.
“I think these are folks that we’ve responded to in the ’90s, in the early 2000s. It’s a continuing game in cyberspace,” he said.
He said the attack on the Texas-based SolarWinds Orion, the computer network tool at the source of the breach, had the “earliest evidence of being designed”.
It started with a “dry run” in October 2019 when “innocuous code” was changed. “Then sometime in March, the operators behind this attack did put malicious code into the supply chain,” he said, “injected it in there and that is the backdoor that impacted everybody”.
Meanwhile Russia has called these claims ‘baseless’.