Alleged Russian hack of Vermont utility may not stand up to scrutiny

Impact

Tension over alleged Russian malware found in a Vermont electrical utility grew over the weekend, even as holes emerged in the narrative purporting the incident could be a prelude to larger Russian cyberattacks.

The Washington Post first reported on the discovery of a code associated with a Russian operation officials called "Grizzly Steppe" on a Burlington Electric computer system. The malware has triggered fears Russian actors could be testing U.S. infrastructure networks' vulnerability in the wake of two successful hacks of Democratic Party targets, including Hillary Clinton's campaign, during the recent presidential elections.

U.S. intelligence officials say they believe Russian President Vladimir Putin personally directed those cyber attacks in an attempt to get Republican President-elect Donald Trump into office. Trump has shrugged off the accusations and actually responded by praising Putin.

On Friday, Vermont Gov. Peter Shumlin released a written statement calling Putin one of the "world's leading thugs" and denouncing Russia.

"Vermonters and all Americans should be both alarmed and outraged that one of the world's leading thugs, Vladimir Putin, has been attempting to hack our electric grid, which we rely upon to support our quality-of-life, economy, health and safety," the governor wrote. "This episode should highlight the urgent need for our federal government to vigorously pursue and put an end to this sort of Russian meddling."

On Friday, GOP Sen. John McCain also took to Ukrainian TV to call the suspected Russian operation to discredit Clinton's campaign an "act of war." According to Politico, McCain scheduled a hearing on cyber threats "where the issue of Russia's election-year hacking will take center stage" for this Thursday.

However, according to the Vermont Free Press, the Burlington Electric Department now says the malware did not penetrate as deeply into secure systems as originally thought.

"We detected the malware in a single Burlington Electric Department laptop not connected to our organization's grid systems," the department wrote in a statement. "We took immediate action to isolate the laptop and alerted federal officials of this finding."

As the Intercept noted, there's no proven link between the Russian government or actors linked to it and the malware found on a Burlington Electric computer. Russian malware is widely available on the internet for purchase or download, and its appearance on a utility computer does not necessarily indicate the malware was designed to or even capable of subverting any electrical grids.