Evidence of Russian Malware Found on US Electrical Company Laptop
A utilities company in Vermont has detected evidence of Russian malware, according to a report this evening from The Washington Post, which cited anonymous US officials. The code is said to be connected to a Russian hacking outfit the US government has named Grizzly Steppe.
According to the company, later revealed to be the Burlington Electric Department, the code linked to Grizzly Steppe was found on just one laptop, and the laptop wasn’t connected to the electrical grid — allaying earlier fears that Russia had hacked into the nation’s electrical grid. Owned by the city of Burlington, the utility firm confirmed the breach in a post on its Facebook page.
"The grid is not in danger," Vermont Public Service Commissioner Christopher Recchia told the Burlington Free Press. "The utility flagged it, saw it, notified appropriate parties and isolated that one laptop with that malware on it."
Yesterday, the Department of Homeland Security and the Federal Bureau of Investigation released their joint analysis report describing the Grizzly Steppe hacking campaign. The Department of Homeland Security also notified US utilities that they should be on the lookout for a specific malware code associated with Grizzly Steppe, according to Burlington Electric’s statement.
“We acted quickly to scan all computers in our system for the malware signature,” Mike Kanarick, Burlington Electric’s communications officer, said in the statement. “We detected the malware in a single Burlington Electric Department laptop not connected to our organization’s grid systems.” He adds that the company alerted federal officials immediately.
Green Mountain Power, another Vermont utilities company, also received a recent safety check from the Department of Homeland Security. The company told The Verge in a statement that it has not reported a security incident.
Today’s scare calls to mind similar accusations of Russian incursions into state infrastructure. In December 2015, malicious cyber activity reportedly shut down the power grid in Kiev, Ukraine. The Ukrainian president has accused Russia of thousands of cyberattacks, according to The Washington Post.
Yesterday, President Obama expelled 35 Russian officials from the US — part of new sanctions against the country in response to its reported hacking campaign. Russian President Vladimir Putin said that he would not retaliate against the sanctions, a move that President-elect Trump applauded in a tweet today:
"Great move on delay (by V. Putin) - I always knew he was very smart!" — Donald J. Trump (@realDonaldTrump), December 30, 2016