The National Cyber Security Centre, GCHQ’s defensive cyber arm

 But both FireEye and SolarWinds suggested that the breaches they had discovered so far relied on manual, customised attacks, suggesting that not all of the 275,000 organisations using SolarWinds worldwide had been affected.

In the US, the National Security Council (NSC) said on Monday it was working "to coordinate a swift and effective whole-of-government recovery and response to the recent compromise.”

Jeremy Fleming, head of British signals intelligence agency GCHQ, described the hacks as “serious events” and said his staff were “working at pace” with US partners and the private sector to understand the implications. The National Cyber Security Centre, GCHQ’s defensive cyber arm, is releasing advice for UK organisations which consider themselves at risk.

Over the weekend, the US commerce department confirmed it had a “breach in one of our bureaus” and said it had asked the Cybersecurity and Infrastructure Security Agency (Cisa) and the FBI to investigate. computer science vs engineering said it was “providing technical assistance to affected entities” while the FBI said it was “appropriately engaged”.

There were also reports that the US Treasury had been a victim of the breach, but a spokesperson referred questions to the NSC.