Since this thread seems to be riddled with the misconception that sovereign immunity grants government blanket immunity to liability for wrongdoing, I feel the need to insert this in a position with better visibility.
The United States has waived sovereign immunity to a limited extent, mainly through the Federal Tort Claims Act, which waives the immunity if a tortious act of a federal employee causes damage
Intentional torts
Torts against the person include assault, battery, false imprisonment, intentional infliction of emotional distress, and fraud, although the latter is also an economic tort.
Property torts involve any intentional interference with the property rights of the claimant (plaintiff). Those commonly recognized include trespass to land, trespass to chattels (personal property), and conversion.
Further, in the article talking about the specific Federal Tort Claims Act...
However, the FTCA does not exempt intentional torts for "investigative or law enforcement officers," allowing aggrieved individuals to bring lawsuits
Attacking a civilian owned computer system is definitely violation of property rights.
Also, the action they are taking is directly forbidden in the United States constitution.
Fourth Amendment to the United States Constitution
...
The Fourth Amendment (Amendment IV) to the United States Constitution is the part of the Bill of Rights that prohibits unreasonable searches and seizures and requires any warrant to be judicially sanctioned and supported by probable cause.
...
One threshold question in Fourth Amendment jurisprudence is whether a "search" has occurred. Initial Fourth Amendment case law hinged on a citizen's property rights—that is, when the government physically intrudes on "persons, houses, papers, or effects" for the purpose of obtaining information, a "search" within the original meaning of the Fourth Amendment has occurred.
...
The Fourth Amendment proscribes unreasonable seizure of any person, person's home (including its curtilage) or personal property without a warrant. A seizure of property occurs when there is "some meaningful interference with an individual's possessory interests in that property"
I'd argue that inserting malware is again, "meaningful interference with an individual's possessory interests in that property".