PCMag editors select and review products independently. If you buy through affiliate links, we may earn commissions, which help support our testing.

PCMag UK

US Intelligence Agencies: Russia Is Likely to Blame for SolarWinds Hack

US investigators add that 'fewer than 10 US government agencies' were compromised with additional malware after downloading the malicious updates from SolarWinds' Orion product.

Michael Kan
 & Michael Kan Principal Reporter

Our team tests, rates, and reviews more than 1,500 products each year to help you make better buying decisions and get more from technology.

Our Expert
LOOK INSIDE PC LABS HOW WE TEST
65 EXPERTS
43 YEARS
41,500+ REVIEWS

(Photo by KIRILL KUDRYAVTSEV/AFP via Getty Images)


The US intelligence community is formally blaming Russian hackers for the SolarWinds breach but stopping short of pointing fingers directly at the Kremlin. 

On Tuesday, the FBI, NSA, and the Office of the Director of National Intelligence issued a joint statement with the Cybersecurity and Infrastructure Security Agency (CISA) about their investigation into the breach. “This work indicates that an Advanced Persistent Threat (APT) actor, likely Russian in origin, is responsible for most or all of the recently discovered, ongoing cyber compromises of both government and non-governmental networks,” the statement says. 

The agencies supplied no specific evidence in the statement. However, US officials reportedly suspect that Russian state-sponsored spies hacked into the IT company SolarWinds, which they then used as a launching pad to break into several US government departments. 

Recommended by Our Editors

Microsoft: SolarWinds Hackers Viewed Our Source Code
Microsoft: SolarWinds Hackers Viewed Our Source Code
US: Hack on Government Agencies Goes Beyond SolarWinds Users
US: Hack on Government Agencies Goes Beyond SolarWinds Users
Microsoft Hit by SolarWinds Breach, Says It 'Isolated and Removed' the Malware
Microsoft Hit by SolarWinds Breach, Says It 'Isolated and Removed' the Malware

The attack specifically involved tampering with SolarWind’s Orion product, which was then distributed to Windows computers belonging to about 18,000 customers. However, the suspected Russian hackers only targeted a small subset of those customers with additional malware capable of spying on computers and stealing files. 

“We have so far identified fewer than 10 US government agencies that fall into this category, and are working to identify the nongovernment entities who also may be impacted,” the joint statement says. “At this time, we believe this was, and continues to be, an intelligence gathering effort.”

The federal agencies known to have been ensnared include the US Treasury Department, the State Department, the Commerce Department and the Energy Department, along with parts of the Pentagon, according to The New York Times.

The statement from US intelligence ultimately doesn’t provide much new information. But it does arrive weeks after President Trump casted doubt on Russia’s suspected role in the hack. “Russia, Russia, Russia is the priority chant when anything happens because Lamestream is, for mostly financial reasons, petrified of....discussing the possibility that it may be China (it may!),” the outgoing President said in a tweet on Dec. 19.

The Kremlin itself has denied any involvement in SolarWinds breach. "Malicious activities in the information space contradict the principles of the Russian foreign policy," the Russian embassy said in a statement last month.

About Our Expert

Michael Kan

Michael Kan

Principal Reporter

My Experience

I've been a journalist for over 15 years. I got my start as a schools and cities reporter in Kansas City and joined PCMag in 2017, where I cover satellite internet services, cybersecurity, PC hardware, and more. I'm currently based in San Francisco, but previously spent over five years in China, covering the country's technology sector.

Since 2020, I've covered the launch and explosive growth of SpaceX's Starlink satellite internet service, writing 600+ stories on availability and feature launches, but also the regulatory battles over the expansion of satellite constellations, fights with rival providers like AST SpaceMobile and Amazon, and the effort to expand into satellite-based mobile service. I've combed through FCC filings for the latest news and driven to remote corners of California to test Starlink's cellular service.

I also cover cyber threats, from ransomware gangs to the emergence of AI-based malware. In 2024 and 2025, the FTC forced Avast to pay consumers $16.5 million for secretly harvesting and selling their personal information to third-party clients, as revealed in my joint investigation with Motherboard.

I also cover the PC graphics card market. Pandemic-era shortages led me to camp out in front of a Best Buy to get an RTX 3000. I'm now following how the AI-driven memory shortage is impacting the entire consumer electronics market. I'm always eager to learn more, so please jump in the comments with feedback and send me tips.

The Best Tech I've Had:

  • My first video game console: a Nintendo Famicom
  • I loved my Sega Saturn despite PlayStation's popularity.
  • The iPod Video I received as a gift in college
  • Xbox 360 FTW
  • The Galaxy Nexus was the first smartphone I was proud to own.
  • The PC desktop I built in 2013, which still works to this day.

Read the latest from Michael Kan

Read full bio