The agencies said the widespread violations appeared to be part of an espionage operation, not a disruption.
U.S. intelligence agencies have said Russia is likely behind a massive hack into government departments and businesses.
Tuesday’s announcement, which came in a rare joint statement from the Federal Bureau of Investigation, the National Security Agency and the Agency for Cybersecurity and Infrastructure Security, rejects claims by President Donald Trump that widespread piracy may have been the work of China.
The statement represented the US government’s first official allocation of responsibility for the violations.
It was also the first time that intelligence services had officially referred to a hacking pattern, which they said appeared to be part of “intelligence gathering” and so far suggests that the evidence points to a hacking effort. Russian espionage rather than an attempt to harm or disrupt the government. operations.
The agencies said the actor, “probably of Russian origin, is responsible for most or all of the recently discovered and ongoing cyber compromises of government and non-government networks.”
“This is a serious compromise that will require a sustained and dedicated effort to address it,” the statement said.
Russia has denied any involvement in the hacking.
U.S. officials including Attorney General William Barr and Secretary of State Mike Pompeo and cybersecurity experts have previously said Russia was to blame.
But Trump, in a series of tweets late last month, sought to downplay the seriousness of the hack and raised the unsubstantiated idea that China could be responsible.
– Cybersecurity and Infrastructure Security Agency (@CISAgov) January 5, 2021
The departments penetrated into hacking include Defense, State, Homeland Security, Treasury, and Commerce and are considered the worst known cyber compromise in recent history.
Security firm FireEye, which itself was breached, discovered the new round of attacks, many of which were attributed to a corrupted software update from SolarWinds, which makes widely used networking programs.
Other attacks have used Microsoft cloud service resellers, with email being the primary target for hackers.