The full extent of the damage is not yet clear. But the potential threat was significant enough that the Department of Homeland Security's cybersecurity unit directed all federal agencies to remove compromised network management software and thousands of companies were expected to do the same.
The identity of the perpetrator remained unclear. A U.S. official, speaking on condition of anonymity because of an ongoing investigation, told The Associated Press on Monday that Russian hackers are suspected. When it was, the hackers could impersonate system administrators and have total access to the infected networks.
National Security Council spokesman John Ullyot said Monday that the Trump administration was working with CISA, U.S. intelligence agencies, the FBI and government departments affected by the intrusion to co-ordinate a response. Cybersecurity experts said the goal of the months-long effort appeared to be espionage and not profit or inflicting damage.