[Update: 1/3/17, 1:49 p.m.] It turns out that the Washington Post’s reporting on this story was mostly bullsh*t.
WHAT’S TRUE: Malware found on a laptop belonging to an organization responsible for maintaining a Vermont power grid was reportedly similar or identical to that used by Russian hackers.
WHAT’S FALSE: The infected laptop was not connected to the power grid, and no evidence documents that the malware was placed on the laptop by Russian hackers and/or by persons with the intent of disrupting a U.S. power grid.
Original Story: According to reports, malicious software believed to have originated with a Russian hacking group has been found on a computer belonging to Burlington Electric, an electrical utility in Vermont.
Commissioner Christopher Recchia of Vermont’s Public Service Department said that he did not think the electrical power grid was at risk.
“The grid is not in danger,” Recchia said. “The utility flagged it, saw it, notified appropriate parties and isolated that one laptop with that malware on it.”
When it comes to cyber terror scenarios, attacks on the U.S. power grid are among top worries of security experts given its vulnerability. It’s still not known if the event in Vermont was an actual attempt to shut down the grid or if it was simply a test run.
“We acted quickly to scan all computers in our system for the malware signature,” Burlington Electric Department spokesman Mike Kanarick said according to USA Today. “We detected the malware in a single Burlington Electric Department laptop not connected to our organization’s grid systems. We took immediate action to isolate the laptop and alerted federal officials of this finding.”
The code was discovered after the Obama Administration released code that was used by a Russian hacking group to “exploit networks and endpoints associated with the U.S. election.” The goal was to allow organizations to identify similar code should it be found in their networks, which is what allowed Burlington Electric to make their discovery.
Burlington Electric is working with federal officials to more accurately trace the origin of the software.
“As commissioner of public service we are very concerned about cybersecurity,” Recchia said. “I’ve been working with Homeland Security and our Department of Emergency Management’s Homeland Security to make sure that we are on top of things like this because this is a real concern.”
Featured image via YouTube