Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsApparently the VT Electrical Grid was not compromised by the Russians
Russian operation hacked a Vermont utility, showing risk to U.S. electrical grid security, officials sayJuliet Eilperin and Adam Entous
Washington Post
Editors Note: An earlier version of this story incorrectly said that Russian hackers had penetrated the U.S. electric grid. Authorities say there is no indication of that so far. The computer at Burlington Electric that was hacked was not attached to the grid.
Russian hackers strike Burlington Electric with malware
April McCullum
Burlinton Free Press
Statement from Burlington Electric Department:
"Last night, U.S. utilities were alerted by the Department of Homeland Security (DHS) of a malware code used in Grizzly Steppe, the name DHS has applied to a Russian campaign linked to recent hacks," said Mike Kanarick, spokesman for Burlington Electric Department. "We acted quickly to scan all computers in our system for the malware signature. We detected the malware in a single Burlington Electric Department laptop not connected to our organizations grid systems. We took immediate action to isolate the laptop and alerted federal officials of this finding. Our team is working with federal officials to trace this malware and prevent any other attempts to infiltrate utility systems. We have briefed state officials and will support the investigation fully."
CORRECTION: An initial version of the story stated Russia penetrated the U.S. Grid. Recchia of the Public Service Board and Kanarick of Burlington Electric Department said the grid was not compromised.
"Last night, U.S. utilities were alerted by the Department of Homeland Security (DHS) of a malware code used in Grizzly Steppe, the name DHS has applied to a Russian campaign linked to recent hacks," said Mike Kanarick, spokesman for Burlington Electric Department. "We acted quickly to scan all computers in our system for the malware signature. We detected the malware in a single Burlington Electric Department laptop not connected to our organizations grid systems. We took immediate action to isolate the laptop and alerted federal officials of this finding. Our team is working with federal officials to trace this malware and prevent any other attempts to infiltrate utility systems. We have briefed state officials and will support the investigation fully."
CORRECTION: An initial version of the story stated Russia penetrated the U.S. Grid. Recchia of the Public Service Board and Kanarick of Burlington Electric Department said the grid was not compromised.
Russia Hysteria Infects WashPost Again: False Story About Hacking U.S. Electric Grid
Glenn Greenwald
The Intercept
There was no penetration of the U.S. electricity grid. The truth was undramatic and banal. Burlington Electric, after receiving a Homeland Security notice sent to all U.S. utility companies about the malware code found in the DNC system, searched all their computers and found the code in a single laptop that was not connected to the electric grid.
Apparently, the Post did not even bother to contact the company before running its wildly sensationalistic claims, so they had to issue their own statement to the Burlington Free Press which debunked the Posts central claim (emphasis in original): We detected the malware in a single Burlington Electric Department laptop NOT connected to our organizations grid systems.
So the key scary claim of the Post story that Russian hackers had penetrated the U.S. electric grid was false. All the alarmist tough-guy statements issued by political officials who believed the Posts claim were based on fiction.
Even worse, there is zero evidence that Russian hackers were responsible even for the implanting of this malware on this single laptop. The fact that malware is Russian-made does not mean that only Russians can use it; indeed, like a lot of malware, it can purchased (as Jeffrey Carr has pointed out in the DNC hacking context, assuming that Russian-made malware must have been used by Russians is as irrational as finding a Russian-made Kalishnikov AKM rifle at a crime scene and assuming the killer must be Russian).
As the actual truth emerged once the utility company issued its statement, the Post rushed to fix its embarrassment, beginning by dramatically changing its headline:
Apparently, the Post did not even bother to contact the company before running its wildly sensationalistic claims, so they had to issue their own statement to the Burlington Free Press which debunked the Posts central claim (emphasis in original): We detected the malware in a single Burlington Electric Department laptop NOT connected to our organizations grid systems.
So the key scary claim of the Post story that Russian hackers had penetrated the U.S. electric grid was false. All the alarmist tough-guy statements issued by political officials who believed the Posts claim were based on fiction.
Even worse, there is zero evidence that Russian hackers were responsible even for the implanting of this malware on this single laptop. The fact that malware is Russian-made does not mean that only Russians can use it; indeed, like a lot of malware, it can purchased (as Jeffrey Carr has pointed out in the DNC hacking context, assuming that Russian-made malware must have been used by Russians is as irrational as finding a Russian-made Kalishnikov AKM rifle at a crime scene and assuming the killer must be Russian).
As the actual truth emerged once the utility company issued its statement, the Post rushed to fix its embarrassment, beginning by dramatically changing its headline:
Vermont power company finds malware linked to Russian hackers
Richard Lawler
Engadget
The Washington Post first reported the finding, suggesting that Russian hackers had gained access to the electrical grid via the Vermont utility, however the company's statement says there's no indication that happened. In a statement, it said the laptop in question was not connected to grid systems. Vermont Public Service Commissioner Christopher Recchia told the Burlington Free Press that the grid was not in danger.
Because it's not clear exactly what matched, there's a possibility that it could be the result of a false positive, or shared code. Also, it's not clear when or how the malware got on the laptop. Based on those reasons, a number of security professionals on Twitter suggested waiting for more details before crediting this finding to Grizzly Steppe (a name attributed to the Russian attacks in Wednesday's report).
Because it's not clear exactly what matched, there's a possibility that it could be the result of a false positive, or shared code. Also, it's not clear when or how the malware got on the laptop. Based on those reasons, a number of security professionals on Twitter suggested waiting for more details before crediting this finding to Grizzly Steppe (a name attributed to the Russian attacks in Wednesday's report).
There's a lot of sloppy journalism going on here, and we all need to take a deep breath. Possible hacking by state actors and securing critical infrastructure are serious topics. Reporters shouldn't jump to the sexiest headline before doing actual fact finding.
InfoView thread info, including edit history
TrashPut this thread in your Trash Can (My DU » Trash Can)
BookmarkAdd this thread to your Bookmarks (My DU » Bookmarks)
4 replies, 1793 views
ShareGet links to this post and/or share on social media
AlertAlert this post for a rule violation
PowersThere are no powers you can use on this post
EditCannot edit other people's posts
ReplyReply to this post
EditCannot edit other people's posts
Rec (0)
ReplyReply to this post
4 replies
= new reply since forum marked as read
Highlight:
NoneDon't highlight anything
5 newestHighlight 5 most recent replies
Apparently the VT Electrical Grid was not compromised by the Russians (Original Post)
portlander23
Dec 2016
OP
Else You Are Mad
(3,040 posts)1. It is easier to say sorry...
Than to lose out on eyeballs and ratings.
Wellstone ruled
(34,661 posts)2. If this MalWare was on one Laptop,
how many more are compromised? It is the Mal Ware that needs to be addressed. How many more Laptops around the Country have had a connection to the so called Patient Zero? There is one hell of a lot more here than has been released.
LittleBlue
(10,362 posts)3. Playing right into Putin's hands
He can claim the Washington Post is "fake news" now. CNN did it a few days ago with the American school in Moscow.
These media must stop fact checking before publishing stories, or they're going to get lumped in with RT and Sputnik.
elehhhhna
(32,076 posts)4. Dupe thread
In more ways than one lol