Russian hackers penetrated a computer at the Burlington Electric Department that is not connected to the electrical grid, officials say.
Burlington Electric found out about the malware when the U.S. Department of Homeland Security notified the utility about a hacking campaign called Grizzly Steppe.
The company scanned all of its computers Thursday night and found the malware on a laptop computer not connected to the electric grid.
“We took immediate action to isolate the laptop and alerted federal officials of this finding,” officials from the Burlington Electric Department said in a statement. “Our team is working with federal officials to trace this malware and prevent any other attempts to infiltrate utility systems. We have briefed state officials and will support the investigation fully.”
An attempt to reach Neale Lunderville, the general manager of Burlington Electric, was unsuccessful.
The Washington Post first reported the security breach and said it “underlines the vulnerabilities of the nation’s electrical grid.”
Both Burlington Electric and state officials say the grid was not affected.
The malware was not actively used by Russian hackers to disrupt the grid, according to the Post. It is not clear how long the malware was on the BED computer before it was discovered.
VTDigger is underwritten by:
“Burlington Electric did a good job of identifying it, finding it, and notifying appropriate officials, which is what prompted the Washington Post story,” said Chris Recchia, the commissioner of the Public Service Department. “The fact that this is at a utility obviously gives us heightened concern.”
On Saturday, BED said similar malicious activity was reported elsewhere in the country.
Vermont’s utilities connect to the New England electric grid run by ISO New England. Recchia said, because this allegedly involves a foreign government and because the grid is interconnected, officials have been in touch with emergency management personnel from the state, regional, and federal levels.
“I think it’s really important for people to recognize that this was probably a good test of our current system in the sense that unrelated to grid operations, a laptop was still found and reported,” Recchia said.
“This is the world we live in now, and we are working with all our partners, state, federal, and regional to make sure we stay ahead of this. It’s not going to be a surprise to people that the grid itself is somewhat computer-operated and is just like any other computerized system, vulnerable to these type of attacks, and we need to stay ahead of it,” he added.
Russian hackers involved in previous attacks used fraudulent emails to obtain passwords to trick recipients to give up passwords, the Post reports.
Green Mountain Power and Vermont Electric Co-op also participated in the Department of Homeland Security’s rigorous “risk vulnerability assessment” and found no threat to electric grid systems.
Gov. Peter Shumlin said his office has been in communication with the federal government and Vermont utilities about the incident.
“Vermonters and all Americans should be both alarmed and outraged that one of the world’s leading thugs, Vladimir Putin, has been attempting to hack our electric grid, which we rely upon to support our quality-of-life, economy, health, and safety,” Shumlin said. “This episode should highlight the urgent need for our federal government to vigorously pursue and put an end to this sort of Russian meddling. I call upon the federal government to conduct a full and complete investigation of this incident and undertake remedies to ensure that this never happens again.”
Sen. Patrick Leahy, D-Vt., said in a statement that he has been briefed by the Vermont State Police and he believes the Russian hackers were “trying to access utilities to potentially manipulate the grid and shut it down in the middle of winter.”
“That is a direct threat to Vermont and we do not take it lightly,” Leahy said.
Rep. Peter Welch, D-Vt., said in a statement that the attack “shows how rampant Russian hacking is.”
“It’s systemic, relentless, predatory,” Welch said. “They will hack everywhere, even Vermont, in pursuit of opportunities to disrupt our country. We must remain vigilant, which is why I support President Obama’s sanctions against Russia and its attacks on our country and what it stands for.”
Obama ordered the expulsion of 35 Russians on Friday in retaliation for the hacking of private email accounts that influenced the outcome of the U.S. election in November. The CIA has fingered Russian operatives for the cyber attacks.
VTDigger is underwritten by:
Editor’s note: This story was updated at 10 a.m. Dec. 31 with quotes from Leahy and Welch.
Don't miss a thing. Sign up here to get VTDigger's weekly email on the energy industry and the environment.