Russia penetrated Vermont utility company computer – USA TODAY
BURLINGTON, Vt. âÂ Malicious software believed tiedÂ to a Russian hacking group associated with attempts to influence the U.S. presidential electionÂ wasÂ found Friday within a computer that belongs toÂ Burlington Electric,Â one of Vermontâs electrical utilities.
The utility found the malware on a laptop not connected to the operation of the grid, said Commissioner Christopher Recchia of Vermont’s Public Service Department.Â
Based on his knowledge, Recchia said Friday night he did not believe that the electrical power grid was at risk from the incident.
“The grid is not in danger,” Recchia said. “The utility flagged it, saw it, notified appropriate parties and isolated that one laptop with that malware on it.”
Attacks on the nation’s electrical gridÂ are among several infrastructure attackÂ scenarios that worry officials and cyber-security experts. Critical infrastructure systems are often run on older computer networks and often difficult to protect.
Ukraine has accused RussiaÂ of hacking into its electrical utilities and turning off power to several regions.
The Obama administrationÂ released code associated with the Russian hacking group, dubbed Grizzly Steppe, on Thursday.
The aim of the release was to allow utilities,Â companiesÂ and organizations to search their computers for the digital signatures of the attack code, to see if they, too, had been targeted.
That proved to be a good strategyÂ with the announcement Friday evening that the code had been found in the city-owned system in Vermont. Another Vermont utility, Vermont Electric Cooperative based in Johnson, Vt., said it found no evidence of a threat to its system.
Vermont officials, all Democrats, weighed in on the announcement:
â¢ Gov. Peter Shumlin: “This episode should highlight the urgent need for our federal government to vigorously pursue and put an end to this sort of Russian meddling.” His statement also called Russian President Vladimir Putin a thug.
â¢Â Sen. Patrick Leahy:Â “State-sponsored Russian hacking is a serious threat, and the attempts to penetrate the electric grid through a Vermont utility are the latest example. … This is now about trying to access utilities to potentially manipulate the grid and shut it down in the middle of winter.”
â¢Â Rep. Peter Welch: “This attack shows how rampant Russian hacking is. It’s systemic, relentless, predatory.”
It is unclear whether the penetration in Burlington was an attempt to disrupt the utility or simply a test.
“We acted quickly to scan all computers in our system for the malware signature. We detected the malware in a single Burlington Electric Department laptopÂ notÂ connected to our organizationâs grid systems. We took immediate action to isolate the laptop and alerted federal officials of this finding,” Mike Kanarick, spokesman for the Burlington Electric Department, said in a statement.
The utilityÂ is working with federal officials to trace the malware and prevent any other attempts to infiltrate utility systems. It also hasÂ briefed state officials.
“As commissioner of public service we are very concerned aboutÂ cybersecurity,” Recchia said. “I’ve been working with Homeland Security and our Department of Emergency Management’sÂ Homeland Security to make sure that we are on top of things like this because this is a realÂ concern.”