Russian hackers strike at US electrical grid, report says

Code associated with a Russian hacking operation, known as 'Grizzly Steppe,' is found at a Vermont utility.

Andrew Morse Former executive editor
Andrew Morse is a veteran reporter and editor. Before joining CNET, he worked at The Wall Street Journal, Reuters and Bloomberg, among other publications.
Andrew Morse
3 min read
Andrew Brookes, Getty Images/Cultura RF

Editor's Note: The Washington Post has since followed up on its report with new information indicating there was no Russian attempt to hack the Burlington Electric Department. For more information, see CNET's coverage on these updates.

Computer code associated with a Russian hacking effort was found at a Vermont utility but wasn't used to disrupt its operations, according to a report late Friday.

The penetration of Burlington Electric Department may have been a test to see whether hackers could get penetrate the US electrical grid, The Washington Post reported, citing unnamed US officials. The code, which is associated with Grizzly Steppe, the Department of Homeland Security's name for a Russian hacking operation, was detected on a laptop associated with the utility but not attached to the grid, the utility said Friday.

"We acted quickly to scan all computers in our system for the malware signature," the utility said in a statement. "We detected the malware in a single Burlington Electric Department laptop not connected to our organization's grid systems. We took immediate action to isolate the laptop and alerted federal officials of this finding."

Federal officials shared the Grizzly Steppe code with executives earlier this week and it was identified in the Vermont utility on Friday, according to the report. It's unclear when the code first entered the Vermont utility.

Vermont Sen. Patrick Leahy said the incident represents a "direct threat" to his state.

"This is beyond hackers having electronic joy rides - this is now about trying to access utilities to potentially manipulate the grid and shut it down in the middle of winter," the Democratic senator said in a statement.

The Department of Energy didn't respond to a request for comment on the report. The Department of Homeland Security couldn't be reached for comment.

The Russian Embassy didn't respond to a request for comment.

The report comes as tensions between the US and Russia over hacking heat up. On Thursday, the Obama administration sanctioned nine entities and individuals and is expelling 35 Russian diplomats after federal investigators found Russia had tried to interfere with the US presidential election by hacking and releasing emails associated with Democratic nominee Hillary Clinton.

Russia has denied any involvement in hacking directed at the US election.

Utilities and banks have been hacked before. Iranian hackers were indicted earlier this year for allegedly hacking a US bank and a New York dam. Separately, parts of Ukraine's power grid were taken down in a hack some researchers have attributed to Russian activity.

CNET's Steven Musil contributed to this report.

Originally published December 30 at 7:05 p.m. PT.

Updated December 31 at 9:30 a.m. to add additional information and comment and to correct headline. Hack did not penetrate the actual electrical grid.

Life, disrupted: In Europe, millions of refugees are still searching for a safe place to settle. Tech should be part of the solution. But is it? CNET investigates.

Does the Mac still matter? Apple execs tell why the MacBook Pro was over four years in the making, and why we should care. Read about it here.