Evidence of Russian hacking has been detected in a Vermont utility system, a company spokesman confirmed Friday night. A representative of Burlington Electric Department said in statement that a Russian campaign linked to recent cyberattacks had breached a single laptop within the utility, though it was not connected to the organization’s electrical grids.
“We took immediate action to isolate the laptop and alerted federal officials of this finding,” Mike Kanarick, a spokesman for the utility, said in the statement. “Our team is working with federal officials to trace this malware and prevent any other attempts to infiltrate utility systems.”
The intent of the Russian hacking operation, known as Grizzly Steppe by the Obama administration, has yet to be determined, but the breach could signal vulnerabilities within the American electrical grid. The penetration, first reported by the Washington Post, which cited U.S. officials including at least one senior administration official, could also signal an attempt to test Russian capability to disrupt other utilities.
Kanarick indicated that state officials, in addition to the Department of Homeland Security, had been briefed on the matter and that the utility organization would fully support the investigation into the breach.
A senior administration official declined to comment specifically on the new report, but told POLITICO, “By exposing Russian malware in the JAR [Joint Analysis Report] yesterday, the Administration sought to alert all network defenders in the United States and abroad to this malicious activity to better secure their networks and defend against Russian malicious cyber activity.”
In a statement to POLITICO, a Department of Homeland Security official didn’t comment directly on the investigation, saying, “DHS regularly shares information with our private and public partners to help them defend their network and mitigate vulnerabilities. As part of these efforts, we shared technical information with critical infrastructure entities to aid them in identifying the malicious cyber activity known as Grizzly Steppe. When we become aware of a potential vulnerability, DHS offers our assistance and upon request, can provide technical analysis and support. Information shared with DHS as part of these efforts, including the identity of affected organizations, is confidential.”
The FBI and the Electricity Information Sharing and Analysis Center, an industry cyber defense organization, did not respond to requests for comment.
Source: politico.eu
