"We can say pretty clearly that it was the Russians that engaged in this activity," Mr. Pompeo said on Friday.
President Trump downplayed the attack's severity - saying it was "under control" - and cast doubt on Russia's role, hinting at Chinese involvement.
The hack, targeting software made by US firm SolarWinds, was found last week.
However, it had been going on for months. Russia has denied any involvement in the attack.
Among the US agencies targeted was the office that manages nuclear weapons.
That government organization, the US energy department, said however that the arsenal's security had not been compromised.
Several other organizations around the world, including in the UK, are understood to have been targeted by hackers using the same network management software.
Researchers, who have named the hack Sunburst, say it could take years to fully comprehend what is one of the biggest ever cyber-attacks.
In a radio interview with US talk show host Mark Levin on Friday, Mr. Pompeo said he believed that Russia had, over a period of months, penetrated several US government agencies and private companies, along with other companies and governments around the world.
He said there was "a significant effort to use a piece of third-party software to essentially embed code inside US government systems."
Along with the US energy department, federal agencies targeted by what has been described as a sophisticated cyber-espionage operation include the Treasury and departments of homeland security, state, defense, and commerce.
Mr. Pompeo said that US investigators looking into the attack were still "unpacking precisely what it is", and that much of the information would likely remain classified.
He said that Russia was trying to "undermine our way of life", adding that Russian President "Vladimir Putin remains a real risk."