For years, US officials have warned about the dangers of cyberattacks involving the electronics supply chain. This week’s revelation that a growing number of US federal agencies were breached in a widespread attack by suspected Russian hackers shows how little they have followed their own advice.

Last year, for instance, the Cybersecurity and Infrastructure Security Agency, known as CISA, reported that federal agencies faced about 180 different threats from the digital supply chain, the hardware and software that goes into making up a computer network. CISA’s parent, the Department of Homeland Security, was among those agencies breached in the recent attack.