President Donald Trump Saturday downplayed a massive cyberattack on US government agencies, declaring it "under control" and undercutting the assessment by his own administration that Russia was to blame.

"I have been fully briefed and everything is well under control," Trump tweeted in his first public comments on the hack, adding that "Russia Russia Russia is the priority chant when anything happens" and suggesting without offering evidence that China "may" also be involved.

"There could also have been a hit on our ridiculous voting machines during the election, which is now obvious that I won big, making it an even more corrupted embarrassment for the USA," he added, in his latest baseless allegation of mass fraud in the November 3 vote, which was won by Democrat Joe Biden.

Trump's response came a day after Secretary of State Mike Pompeo said in an interview that the attack -- which cyber experts say could have far-reaching impact and take months to unravel -- was "pretty clearly" Russia's work.

"There was a significant effort to use a piece of third-party software to essentially embed code inside of US government systems," Pompeo told the Mark Levin Show on Friday.

He was referring to widely used security software from Texan firm SolarWinds.

"This was a very significant effort," Pompeo added, "and I think it's the case that now we can say pretty clearly that it was the Russians that engaged in this activity."

Russia has denied involvement in the attack. 

The US Cybersecurity and Infrastructure Security Agency, without identifying the source of the hack, said Thursday that the attack poses a "grave risk" and that thwarting it would be "highly complex." 

President-elect Joe Biden has expressed "great concern" over the breach while Senator Mitt Romney, a Republican, blamed Russia and slammed what he called the "inexcusable silence" from the White House.

Among the government agencies affected, according to media reports, are the State Department, the Treasury, the Commerce Department, the Homeland Security Department and the National Institutes of Health -- as well as the Energy Department, and the National Nuclear Security Administration, which manages the nuclear weapons stockpile.

Microsoft said Thursday that it had notified more than 40 customers hit by the malware, which security experts say could allow attackers unfettered network access to key government systems and electric power grids and other utilities.

Roughly 80 percent of the affected customers are located in the United States, Microsoft president Brad Smith said in a blog post, with victims also found in Belgium, Britain, Canada, Israel, Mexico, Spain and the United Arab Emirates.

"It's certain that the number and location of victims will keep growing," Smith said.

NATO said Saturday it was checking its computer systems but had found "no evidence of compromise."

The European Commission said Saturday it had not found any computer system intrusion but was "analyzing the situation."