The two agencies were named from newspaper The Washington Post, and a NASA spokesman did not question the report, but refused to comment, indicating that the investigation is continuing.
NASA and the Federal Aviation Administration are believed to be the remaining two unnamed agencies of the nine government agencies that were confirmed infiltrated in the attack.
The other seven include the Ministries of Commerce, Energy, Homeland Security, Justice, the Treasury and the National Institutes of Health, although the attackers are not believed to have violated the secret networks.
FireEye, Microsoft, and Malwarebytes were among a number of cybersecurity companies that were also hacked as part of the attacks.
The Biden administration is reportedly preparing to impose sanctions on Russia, due in large part to the hacking campaign, the newspaper reported.
The attacks were discovered last year after FireEye raised the alarm about the hacking campaign after its private network was compromised.
The victims include all customers of the American software company SolarWinds, whose network management tools are used by the federal government and companies.
Hackers penetrated SolarWinds’ network, implanting a backdoor into its software and sending the backdoor into customer networks via a software update.
It is also said: The SolarWinds hackers targeted other companies by breaking into other devices through victims ‘networks, in addition to targeting Microsoft vendors in order to penetrate other customers’ networks.
Last week, Anne Neuberger, a former director of cybersecurity at the National Security Agency, who is currently the deputy national security advisor for cyber technology in the Biden administration, said that planning and carrying out the attack took months, and it took us some time to uncover everything.
Representatives from the affected companies said during a hearing of the US Senate Intelligence Committee: The true extent of the breach is still unknown, because most victims are not required by law to disclose the attacks unless they contain sensitive information about individuals.
Microsoft said its researchers believe that at least 1,000 professional engineers have hacked SolarWinds.