A form of Russian malware associated with the group Grizzly Steppe was discovered on a laptop belonging to Vermont-based utility Burlington Electric. The company said the laptop was not associated with the power grid and immediate action was taken to alert authorities and isolate the laptop.
Photo by Burlington Electric Department/Facebook
BURLINGTON, Vt., Dec. 31 (UPI) -- Officials from Vermont-based electric company Burlington Electric discovered Russian malware on a company laptop on Friday.
The company released a statement confirming the malware associated with the Russian group Grizzly Steppe was found on a laptop which was not connected to the electrical grid system.
"Last night, U.S. utilities were alerted by the Department of Homeland Security (DHS) of a malware code used in Grizzly Steppe, the name DHS has applied to a Russian campaign linked to recent hacks. We acted quickly to scan all computers in our system for the malware signature," Burlington Electric spokesman Mike Kanarick said. "We detected the malware in a single Burlington Electric Department laptop not connected to our organization's grid systems."
Burlington Electric discovered the hack a day after the Obama administration issued sanctions and expelled Russian diplomats as punishment for meddling in the U.S. presidential election. DHS and the FBI also issued a 13-page joint report naming Grizzly Steppe as "part of an ongoing campaign of cyber -enabled operations directed at the U.S. government and its citizens."
Kanarick said Burlington Electric notified homeland security and the FBI upon discovering the malware and managed to isolate the laptop.
"We took immediate action to isolate the laptop and alerted federal officials of this finding," he said. "Our team is working with federal officials to trace this malware and prevent any other attempts to infiltrate utility systems. We have briefed state officials and will support the investigation fully."
Vermont Public Service Commissioner Christopher Recchia told the Burlington Free Press that he did not believe the incident put the power grid at risk.
"The grid is not in danger," he said. "The utility flagged it, saw it, notified appropriate parties and isolated that one laptop with that malware on it."
Recchia said Vermont utilities are "very concerned about cybersecurity" and plan to make it a focus moving forward, according to VPN news.
"It will be an evolving process, and of course if we're dealing with another national government that's doing this, the stakes are higher and we need federal partners to help on this stuff too," he said.
Vermont Gov. Peter Shumlin released a statement calling for the federal government to ensure similar attacks don't happen in the future.
"Vermonters and all Americans should be both alarmed and outraged that one of the world's leading thugs, Vladimir Putin, has been attempting to hack our electric grid, which we rely upon to support our quality-of-life, economy, health, and safety," he said. "This episode should highlight the urgent need for our federal government to vigorously pursue and put an end to this sort of Russian meddling."
Vermont Sen. Patrick Leahy, a Democrat, also spoke out and referred to the incident as the latest example of the "serious threat" of state-sponsored Russian hacking.
"This is beyond hackers having electronic joy rides – this is now about trying to access utilities to potentially manipulate the grid and shut it down in the middle of winter," he said. "That is a direct threat to Vermont and we do not take it lightly."
Green Mountain Power, Vermont's largest electric utility, released a statement following the news of the Burlington Electric discovery and confirmed a thorough check of its computer systems found no problems.
"GMP was also recently thoroughly reviewed for safety by the U.S. Department of Homeland Security," spokeswoman Kristin Carlson said. "The company will continue to rigorously monitor our system and remain vigilant."