The US Treasury confirmed for the first time on Monday that hackers had gained access to its IT systems, as more details continued to emerge about the massive cyber espionage campaign that came to light last week.
US government agencies have been among the casualties of the campaign, which has been taking place over the past nine months and is still ongoing.
Steven Mnuchin, Treasury secretary, confirmed reports that his department had been hacked, saying that its unclassified systems had been accessed but its classified systems had not.
“I will say that the good news is there has been no damage, nor have we seen any large amounts of information displaced,” he said in an interview with CNBC.
The hackers gained access by hijacking software from SolarWinds, a Texas-based IT company which said last week that some 18,000 of its government and business clients globally may have been exposed.
The commerce and energy department have already confirmed that they have been hacked, while numerous other federal agencies have said they were assessing for damage.
Microsoft, itself a casualty of the attack, said it had identified more than 40 of its customers who had been singled out for precise and sophisticated targeting, many of which were cyber security and IT companies.
William Barr, attorney-general, on Monday became the latest senior figure in the Trump administration to attribute the hack to the Russian government — contradicting President Donald Trump’s assertion that China may be to blame.
Mr Barr said that he supported comments from Mike Pompeo, secretary of state, who last week suggested that Russia was “pretty clearly” responsible for the sweeping hacking operation.
“From the information I have, I agree with secretary Pompeo’s assessment,” Mr Barr said at the justice department. “It certainly appears to be the Russians but I’m not going to discuss it beyond that.”
On Saturday, Mr Trump tweeted that the hack — which US cyber officials have warned poses a “grave risk” to the government, critical infrastructure and the private sector — was being overhyped “in the fake news media” and that “everything is well under control”.
Mr Trump added: “Russia, Russia, Russia is the priority chant when anything happens because Lamestream is, for mostly financial reasons, petrified of discussing the possibility that it may be China (it may!).”
There is widespread consensus among cyber and intelligence experts that the espionage campaign bears hallmarks of a Russian campaign, with the tactics and coding used pointing more specifically to SVR, Russia’s foreign intelligence service.
The Trump administration has come under fire for not doing more to shore up the government’s cyber defences, as some politicians and cyber experts call for action to be taken against the hackers.
Ron Klain, president-elect Joe Biden’s chief of staff, criticised the Trump administration over the weekend for giving conflicting messages about the hack and its perpetrators in an interview with CBS News.
He said that when in office, Mr Biden would not just impose sanctions on state-backed hackers, but “degrade the capacity of foreign actors to launch these kinds of attacks on our country”.