It’s going to take months to kick elite hackers widely believed to be Russian out of the US government networks they have been quietly rifling through since as far back as March in Washington DC’s worst cyberespionage failure on record.

Experts say there simply are not enough skilled threat-hunting teams to duly identify all the government and private-sector systems that may have been hacked. FireEye, the cybersecurity company that discovered the intrusion into US agencies and was among the victims, has already tallied dozens of casualties. It's racing to identify more.