“I can’t say much more as we’re still unpacking precisely what it is, and I’m sure some of it will remain classified,” he added.
Instead of condemning the attack, or Russia, Trump wrote that he had been “fully briefed and everything is well under control” — despite officials in his administration having said this week that the cyberattack “poses a grave risk” to networks across both the public and private sector.
At least half a dozen federal agencies are now known to have been targeted in the breach, including the Department of Homeland Security’s cyber arm and the Departments of Agriculture, Commerce, Energy and State. Investigators are still trying to determine what, if any, government data may have been accessed or stolen in the hack.
“Suffice it to say, there was a significant effort to use a piece of third-party software to essentially embed code inside of US government systems and it now appears systems of private companies and companies and governments across the world as well,” Pompeo said.
Trump had remained silent on the hack for most of the week. The White House said Friday the President was being briefed and “working very hard” in dealing with it.
Asked Friday about Trump’s silence on the matter, Pompeo noted there was work going on behind the scenes.
“There are many things that you’d very much love to say, ‘Boy, I’m going to call that out,’ but a wiser course of action to protect the American people is to calmly go about your business and defend freedom,” he said.
The Russian embassy in Washington has denied involvement in the hack.
But Moscow has been linked to several recent breaches, including the 2016 hacking of Democratic officials during the US presidential election.
CNN previously reported that a Russian-affiliated group known as APT29 was behind the attack on FireEye.
That same evening, FireEye identified the source of its own intrusion as malware hidden in its software updates published by the software vendor SolarWinds, which is used by a number of federal civilian agencies for network management.
As many as 18,000 SolarWinds customers, including US government agencies and Fortune 500 companies, had been sent the updates containing the malware.
The headline and story have been updated to reflect President Donald Trump’s tweets on the cyberattack.
CNN’s Zachary Cohen, Brian Fung, Kaitlan Collins, Alex Marquardt and Jason Hoffman contributed to this report.