BURLINGTON, Vt. — Malicious software believed tied to a Russian hacking group associated with attempts to influence the U.S. presidential election was found Friday within a computer that belongs to Burlington Electric, one of Vermont’s electrical utilities.
The utility found the malware on a laptop not connected to the operation of the grid, said Commissioner Christopher Recchia of Vermont’s Public Service Department.
Based on his knowledge, Recchia said Friday night he did not believe that the electrical power grid was at risk from the incident.
“The grid is not in danger,” Recchia said. “The utility flagged it, saw it, notified appropriate parties and isolated that one laptop with that malware on it.”
Attacks on the nation’s electrical grid are among several infrastructure attack scenarios that worry officials and cyber-security experts. Critical infrastructure systems are often run on older computer networks and often difficult to protect.
“The grid is not in danger. The utility flagged it, saw it, notified appropriate parties and isolated that one laptop with that malware on it.”
Christopher Recchia, Vermont Public Service Department
Ukraine has accused Russia of hacking into its electrical utilities and turning off power to several regions.
The Obama administration released code associated with the Russian hacking group, dubbed Grizzly Steppe, on Thursday.
The aim of the release was to allow utilities, companies and organizations to search their computers for the digital signatures of the attack code, to see if they, too, had been targeted.
That proved to be a good strategy with the announcement Friday evening that the code had been found in the city-owned system in Vermont. Another Vermont utility, Vermont Electric Cooperative based in Johnson, Vt., said it found no evidence of a threat to its system.
Vermont officials, all Democrats, weighed in on the announcement:
• Gov. Peter Shumlin: “This episode should highlight the urgent need for our federal government to vigorously pursue and put an end to this sort of Russian meddling.” His statement also called Russian President Vladimir Putin a thug.
• Sen. Patrick Leahy: “State-sponsored Russian hacking is a serious threat, and the attempts to penetrate the electric grid through a Vermont utility are the latest example. … This is now about trying to access utilities to potentially manipulate the grid and shut it down in the middle of winter.”
• Rep. Peter Welch: “This attack shows how rampant Russian hacking is. It’s systemic, relentless, predatory.”
It is unclear whether the penetration in Burlington was an attempt to disrupt the utility or simply a test.
“We acted quickly to scan all computers in our system for the malware signature. We detected the malware in a single Burlington Electric Department laptop not connected to our organization’s grid systems. We took immediate action to isolate the laptop and alerted federal officials of this finding,” Mike Kanarick, spokesman for the Burlington Electric Department, said in a statement.
The utility is working with federal officials to trace the malware and prevent further attempts to infiltrate utility systems. It also has briefed state officials.
“As commissioner of public service, we are very concerned about cyber security,” Recchia said. “I’ve been working with Homeland Security and our Department of Emergency Management’s Homeland Security to make sure that we are on top of things like this because this is a real concern.”
McCullum reports for The Burlington (Vt.) Free Press; Elizabeth Weise reports for USA TODAY from San Francisco. Follow them on Twitter: @april_mccullum and @eweise
Read or Share this story: http://usat.ly/2hBt1Cg