The campaign targeted only select targets, such as companies in the cybersecurity sector (FireEye, Malwarebytes, Mimecast) and state and federal agencies in the U.S. It places an undue burden on the mostly private sector victims who must bear the unusually high cost of mitigating this incident s. The United States government is formally accusing the Russian government of the. SolarWinds supply-chain attack that gave hackers access to the network of multiple U.S. agencies and private tech sector companies.
Source: https://www.bleepingcomputer.com/news/security/us-government-confirms-russian-svr-behind-the-solarwinds-hack/