The Biden administration will respond “in weeks, not months” to the perpetrators of the SolarWinds hack, who used the US tech company as a springboard to compromise a raft of U.S. government agencies, a senior administration official said.
“The third part of what we are doing about it is responding to the perpetrators of the attack. You can expect further announcements on that in weeks, not months,” said the official, who declined to be named, in a telephone briefing with reporters.
The operation, which was identified in December and which the US government has said was likely orchestrated by Russia, breached software made by SolarWinds, giving hackers access to thousands of companies and government offices that used its products.
Microsoft president Brad Smith described the attack as “the largest and most sophisticated attack the world has ever seen.”
The senior official also noted that most of the nine federal government agencies compromised by the SolarWinds hack have completed an independent review and those that have not will finish one by the end of March.
The hacking, which also hurt 100 private companies, used corrupted SolarWinds code and weaknesses in Microsoft identity-management tools.