The cybersecurity arm of the Department of Homeland Security warned that the massive hack that infiltrated a number of federal agencies is also “impacting” state and local governments.
The Cybersecurity and Infrastructure Security Agency urged them to take measures to “identify and address this threat” to their computer systems.
“CISA is tracking a significant cyber incident impacting enterprise networks across federal, state, and local governments, as well as critical infrastructure entities and other private sector organizations,” the agency said in a statement released late Wednesday.
“This threat actor has the resources, patience, and expertise to gain access to and privileges over highly sensitive information if left unchecked,” the statement continued.
The hack — which infiltrated the Treasury, Commerce and Energy departments, the Pentagon, and Homeland Security as well as hundreds of private sector businesses — used malware hidden in a SolarWinds software update to burrow into their computer systems.
CISA announced the breach last week but did not say state and local governments were affected.
Secretary of State Mike Pompeo and former Attorney General Bill Barr blamed Russia for the attack, however, President Trump has suggested China may be behind it.