Scope of Russian Hack Becomes Clear: Multiple US Agencies Were Hit

The scope of a hack engineered by one of Russia’s premier intelligence agencies became clearer when some Trump administration officials acknowledged that other federal agencies — the State Department, the Department of Homeland Security, and parts of the Pentagon — had been compromised. Investigators were struggling to determine the extent to which the military, intelligence community, and nuclear laboratories were affected by the highly sophisticated attack. United States officials did not detect the attack until recent weeks, and then only when a private cybersecurity firm, FireEye, alerted American intelligence that the hackers had evaded layers of defenses. It was evident that the Treasury and Commerce Departments, the first agencies reported to be breached, were only part of a far larger operation whose sophistication stunned even experts who have been following a quarter-century of Russian hacks on the Pentagon and American civilian agencies. About 18,000 private and government users downloaded a Russian tainted software update — a Trojan horse of sorts — that gave its hackers a foothold into victims’ systems.