IE 11 is not supported. For an optimal experience visit our site on another browser.

Vermont Electricity Department Finds Malware Linked to Russian Hackers

The malware affiliated with so-called "Grizzly Steppe" hacking campaign was found on a laptop not connected to Burlington's electric grid systems.
Image:
Cars pass by the headquarters of the Russian spy agency FSB, grey building at center, in downtown Moscow, Russia.Alexander Zemlianichenko / AP

A Vermont electricity provider said it found malware linked to an alleged Russian campaign to hack political entities in a laptop, after U.S. utilities were warned about the "Grizzly Steppe" affiliated code by the federal government.

The infected laptop is not connected to the Burlington Electric Department’s electricity grid systems, the municipal utility said in a statement.

"We took immediate action to isolate the laptop and alerted federal officials of this finding," the statement said. "Our team is working with federal officials to trace this malware and prevent any other attempts to infiltrate utility systems."

Image:
Cars pass by the headquarters of the Russian spy agency FSB, grey building at center, in downtown Moscow, Russia.Alexander Zemlianichenko / AP

The Washington Post reported earlier Friday that the code associated with Grizzly Steppe had been detected in a Vermont utility. The newspaper cited a senior Obama administration official among its sources.

The intent is not clear, but the discovery raised fears about the vulnerabilities of U.S. electric grid to cyber-attacks and whether the code is in other systems, a U.S. official told the newspaper.

The Department of Homeland Security is investigating the incident.

"While our analysis continues, we currently have no information that indicates that the power grid was penetrated in this cyber incident," said Todd Breasseale, department assistant secretary for public affairs.

Related: Trump Says Putin 'Smart' for Not Retaliating Over U.S. Sanctions

Vermont Gov. Peter Shumlin said he was outraged at what he called the attempted hacking of the electric grid and called on the federal government to ensure it does not happen again.

"Vermonters and all Americans should be both alarmed and outraged that one of the world's leading thugs, Vladimir Putin, has been attempting to hack our electric grid, which we rely upon to support our quality-of-life, economy, health, and safety," Shumlin said in a statement.

"This episode should highlight the urgent need for our federal government to vigorously pursue and put an end to this sort of Russian meddling," Shumlin, a Democrat, said.

The Burlington Electric Department said it is working with federal officials to trace the malware and protect any other attempts to get into its systems. The department is owned by the city of the same name, and serves more than 19,600 customers.

It wasn’t clear when the malware entered the laptop in Vermont, but the discovery comes amid heightened tensions between the U.S. and Russia over cyber-attacks during the American presidential election.

The Obama administration has accused the Russian government of being involved, and on Thursday issued sanctions and other retaliatory steps against Russia’s intelligence services and three companies believed to have provided support to cyber operations.

The Obama administration also accused Russia of harassing American diplomats overseas, and ordered that 35 Russian diplomats be expelled from the U.S.

Related: U.S. Unveils Plan to Punish Russia for Election Hacks

Congressman Peter Welch (D-VT) agreed with the administration's assessment.

"This attack shows how rampant Russian hacking is. It's systemic, relentless, predatory," Welch said in a statement. "They will hack everywhere, even Vermont, in pursuit of opportunities to disrupt our country. We must remain vigilant, which is why I support President Obama's sanctions against Russia and its attacks on our country and what it stands for."

The Department of Homeland Security and FBI released details Friday on the alleged Russian hacking campaign and its methods, which include "spearphishing" that use emails to trick users into clicking on links.

The agencies said the targets were not just related to the election, but also "a range of U.S. Government, political, and private sector entities."

Russia has denied being involved in the cyber-attacks. Russian President Vladimir Putin condemned the retaliatory steps, but said he would not seek the expulsion of U.S. diplomats, a move his own foreign minister called for.

President-elect Donald Trump in a statement about the sanctions Thursday said "It's time for our country to move on to bigger and better things."

Trump added that he will meet with U.S. intelligence officials next week to be updated on the facts of the matter.