The country’s cybersecurity agency says the hacking campaign discovered earlier this month was “impacting” local governments, in addition to federal and state entities and businesses.
In a statement this week, CISA said they are still tracking the “significant cyber incident impacting enterprise networks across federal, state, and local governments, as well as critical infrastructure entities and other private sector organizations.”
However, the agency did not give specific examples or further details like how many state and local governments were impacted.
The hackers were able to get access to government and business networks through the IT management company SolarWinds’s Orion software supply chain, which are used by government and private businesses. The hack was discovered this month, however officials believe it has been going on for several months.
CISA says just because we are aware of the hack doesn’t mean the threat is gone. They warn the hackers have “the resources, patience, and expertise to gain access to and privileges over highly sensitive information if left unchecked. CISA urges organizations to prioritize measures to identify and address this threat.”
Last week, the Cybersecurity and Infrastructure Security Agency said the hack posed a “grave threat” to security U.S. government agencies, critical infrastructure entities and private groups.
CISA also said at the time the SolarWinds Orion vulnerability was not the only way that hackers were able to get into government agencies, private companies and critical infrastructures over the last several months.
"CISA has determined that this threat poses a grave risk to the Federal Government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations," the alert issued by the agency said. "CISA expects that removing this threat actor from compromised environments will be highly complex and challenging for organizations."
So far, several federal agencies, including the Treasury and Department of Energy, have indicated they were impacted, and Microsoft is reporting in a blog post more than 40 customers around the world appear to have been targeted in the hack.
Multiple U.S. officials have implicated Russia in the hack. However, President Donald Trump has not said much about it, other than a tweet that eluded it may have been China who was responsible.