As @JohnHultquist said, the SVR is still inside many of these computer systems, having built themselves back doors in the event their malware was uncovered and deleted. So Trump's claim that this is a contained nothing-burger is characteristic bullshit. https://www.washingtonpost.com/national-security/russia-is-behind-the-broad-ongoing-cyber-spy-campaign-against-the-us-government-and-private-sector-pompeo-says/2020/12/19/8c850cf0-41b3-11eb-8bc0-ae155bee4aff_story.html
And keep in mind, a lot of the compromised organizations (around 18,000) are private or publicly traded companies, which are now weighing the financial risks of admitting to the size and scope of their breaches.
So while POTUS can try to argue that our nukes are safe, stop worrying -- and oh maybe it was a fatty magoo in mom's basement in Beijing wot done it -- what he doesn't realize or seem to care about is how his beloved stock market might be impacted by this operation.
Take a gander at what the GRU's NotPetya operation did to global commerce a few years back. That wasn't just an espionage operation, it was destructive malware which paralyzed hospital machines in Pennsylvania and swathes of the shipping industry abroad.
And it took Uncle Sam a minute to publicly acknowledge the extent of the damage and unseal grand jury indictments against the hackers: https://www.justice.gov/opa/press-release/file/1328521/download