The Washington Post

Russian hackers penetrated U.S. electricity grid through a utility in Vermont, U.S. officials say


The headquarters of FSB, grey building at center, in downtown Moscow, Russia on Friday, Dec. 30, 2016. FSB is a Russian spy agency named by the administration as being behind the Grizzly Steppe operation. (Alexander Zemlianichenko/AP)

A code associated with the Russian hacking operation dubbed Grizzly Steppe by the Obama administration has been detected within the system of a Vermont utility, according to U.S. officials.

While the Russians did not actively use the code to disrupt operations of the utility, according to officials who spoke on condition of anonymity in order to discuss a security matter, the penetration of the nation’s electrical grid is significant because it represents a potentially serious vulnerability. Government and utility industry officials regularly monitor the nation’s electrical grid because it is highly computerized and any disruptions can have disastrous implications for the function of medical and emergency services.

American officials, including one senior administration official, said they are not yet sure what the intentions of the Russians might have been. The penetration may have been designed to disrupt the utility’s operations or as a test by the Russians to see whether they could penetrate a portion of the grid.

Federal officials have shared the malware code used in Grizzly Steppe with utility executives nationwide, a senior administration official said, and Vermont utility officials identified it within their operations.

While it is unclear which utility reported the incident, there are just two major utilities in Vermont, Green Mountain Power and Burlington Electric.

According to a report by the FBI and the Department of Homeland Security, the hackers involved in the Russian operation used fraudulent emails that tricked their recipients into revealing passwords.

The Russians have been accused in the past of launching a cyberattack on Ukraine’s electrical grid, something they have denied. Cybersecurity experts say a hack in December 2015 destabilized Kiev’s power grid, causing a blackout in part of the Ukrainian capital. On Thursday, Ukranian President Petro Poroshenko accused Russian of waging a cyber war on his country that has entailed 6,500 attacks against Ukranian state institutions over the past two months.

A DHS spokesman declined to comment on the matter Friday.

30+
Comments
36
Show Comments
0 Comments
Washington Post Subscriptions

Get 2 months of digital access to The Washington Post for just 99¢.

A limited time offer for Apple Pay users.

Buy with
Cancel anytime

$9.99/month after the two month trial period. Sales tax may apply.
By subscribing you agree to our Terms of Service, Digital Products Terms of Sale & Privacy Policy.

Get 2 months of digital access to The Washington Post for just 99¢.

Sign up for email updates from the "Confronting the Caliphate" series.

You have signed up for the "Confronting the Caliphate" series.

Thank you for signing up
You'll receive e-mail when new stories are published in this series.
Most Read

world

national-security

Success! Check your inbox for details.

See all newsletters

Close video player
Now Playing
Read content from allstate
Content from Allstate This content is paid for by an advertiser and published by WP BrandStudio. The Washington Post newsroom was not involved in the creation of this content. Learn more about WP BrandStudio.
We went to the source. Here’s what matters to millennials.
A state-by-state look at where Generation Y stands on the big issues.