Nine U.S. Agencies Have Largely Removed Russia-Linked Malware

The nine federal agencies that were infiltrated by suspected Russian attackers last year have largely eradicated the malware from their networks and are now looking for lingering hackers, according to a U.S. Department of Homeland Security official.

In the aftermath of the cyber-attack -- in which the hackers compromised popular software made by the Texas-based firm SolarWinds Corp. and infiltrated the agencies -- most of the nine federal victims have finished reviewing their networks to ensure the malware has been removed, according to the official, who briefed reporters on the condition of anonymity. The agencies have moved to a second phase, which involves gaining confidence that no attackers remain, the official said.

The suspected Russian hackers infiltrated government agencies including State, Treasury, Homeland Security, Commerce, Energy and Justice along with approximately 100 private sector companies last year. The White House has set the end of March as the deadline for the nine government victims to complete internal reviews to ensure that the hackers had been removed.

National Security Advisor Jake Sullivan told Bloomberg on Monday that the U.S. is considering “seen and unseen” measures in response to the attack. “We’re in the closing stages of that process with options that will be presented at the highest levels here,” he said in an interview.

©2021 Bloomberg L.P.
