The cybersecurity news of the week is a big and, until recently, undetected attack on the federal government, likely perpetrated by a Russian intelligence agency.

The Department of Homeland Security, Treasury, State Department and other U.S. federal agencies fell victim to a malicious software update. SolarWinds, the company that makes that software, also counts most of the Fortune 500 companies among its customer base. 

“In some ways, they may be more interested in the Fortune 500 companies than they are in [the] State [Department] and those other places,” New York Times national security correspondent David Sanger told “Marketplace” host Kai Ryssdal. “And what they’ve discovered in this entire incident is that the software supply chain is basically the best way to get in.”

As far as what this attack might mean for the U.S. economy though, Sanger said the consequences aren’t yet clear. “I think it’s going to take us months, maybe a year to figure out where they went,” said Sanger. “The hope is that because they didn’t want to get caught, they picked their targets very selectively and went into very few.”

Click the audio player above to hear the interview.

Stories You Might Like

Companies keep assessing SolarWinds hack as U.S. sanctions Russia

Trump says no military aid for countries with trade deficits

Former Homeland Security Secretary Janet Napolitano: cybersecurity is national security

White House warns companies of growing cyberattack risk

What the nightmare cybersecurity scenario looks like

White House seeks to plug cybersecurity job hole