A code associated with the Russian hacking operation dubbed Grizzly Steppe by the Obama administration has been detected within the system of a Vermont utility, according to U.S. officials, The Washington Post reports.
While the Russians did not actively use the code to disrupt operations, according to officials who spoke on the condition of anonymity to discuss a security matter, the discovery underscores the vulnerabilities of the nation`s electrical grid. And it raises fears in the U.S. government that Russian government hackers are actively trying to penetrate the grid to carry out potential attacks, according to The Washington Post.
Burlington Electric said in a statement that the company detected a malware code used in the Grizzly Steppe operation in a laptop that was not connected to the organization`s grid systems. The firm said it took immediate action to isolate the laptop and alert federal authorities.
Friday night, Vermont Gov. Peter Shumlin called on federal officials ”to conduct a full and complete investigation of this incident and undertake remedies to ensure that this never happens again.”
”Vermonters and all Americans should be both alarmed and outraged that one of the world`s leading thugs, Vladimir Putin, has been attempting to hack our electric grid, which we rely upon to support our quality-of-life, economy, health, and safety,” Shumlin said in a statement. ”This episode should highlight the urgent need for our federal government to vigorously pursue and put an end to this sort of Russian meddling.”
Officials said that it is unclear when the code entered the Vermont utility`s computer, and that an investigation will attempt to determine the timing and nature of the intrusion, as well as whether other utilities were similarly targeted.
This week, officials from the Department of Homeland Security, FBI and the Office of the Director of National Intelligence shared the Grizzly Steppe malware code with executives from 16 sectors nationwide, including the financial, utility and transportation industries, a senior administration official said. Vermont utility officials identified the code within their operations and reported it to federal officials Friday, the official said.
The DHS and FBI also publicly posted information about the malware Thursday as part of a joint analysis report, saying that the Russian military and civilian services` activity ”is part of an ongoing campaign of cyber-enabled operations directed at the U.S. government and its citizens.”
