U.S. intelligence agencies have concluded that it is ‘likely” Russia was behind a large-scale cyberattack targeting sensitive government and private sector computer networks.

A special task force called the Cyber Unified Coordination Group made up of FBI, the Department of Homeland Security, the Office of the Director of National Intelligence (DNI) and National Security Agency officials described the ongoing SolarWinds hack as a “significant cyber incident involving federal government networks.”

The task force “is still working to understand the scope of the incident,” the DNI’s office said in a joint statement Tuesday afternoon with the FBI, the Homeland Security Cybersecurity and Infrastructure Security Agency and the National Security Agency.

U.S. investigators have concluded that “an advanced persistent threat (APT) actor, likely Russian in origin, is responsible for most or all of the recently discovered, ongoing cyber compromises of both government and non-governmental networks,” the statement said.

“At this time, we believe this was, and continues to be, an intelligence-gathering effort. We are taking all necessary steps to understand the full scope of this campaign and respond accordingly,” the statement added.

The cyberattack affected about 18,000 government and private networks, including computers at key agencies. They include the Energy, Treasury and Commerce Departments.

Security investigators said that the attack involved a supply-chain compromise that exploited a flaw in network monitoring software called Orion produced by SolarWinds, a Texas-based company. The compromised software allowed the hackers to covertly install back door access points in networks.

Some of the 18,000 networks targeted in the spying campaign were further attacked in what the intelligence agencies called “follow-on activity” on their systems. including just a small handful of government targets.

“We have so far identified fewer than 10 U.S. government agencies that fall into this category, and are working to identify the non-government entities who also may be impacted,” the statement said.

“This is a serious compromise that will require a sustained and dedicated effort to remediate,” the agencies said.

The statement said the NSA, the main electronic intelligence agency that specializes in foreign computer penetrations, is providing the task force with intelligence, cybersecurity expertise, and actionable guidance.

The Russian government denied any involvement in the cyber incident.

