Correction to WaPo story via Washington Post – Russian government hackers do not appear to have targeted Vermont utility, say people close to investigation – “U.S. officials are continuing to investigate the laptop. In the course of their investigation, though, they have found on the device a package of software tools commonly used by online criminals to deliver malware. The package, known as Neutrino, does not appear to be connected with Grizzly Steppe, which U.S. officials have identified as the Russian hacking operation. The FBI, which declined to comment, is continuing to investigate how the malware got onto the laptop.”
Related – The Washington Post published a false story, but it’s not fake news – It’s ok to criticize the newspaper for wrongly reporting that Russia hacked the U.S. power grid, just don’t confuse it with fake news.
Follow up to update my previous lengthy posting on resources related to the Russian hacking of the US election, via the Washington Post today By Juliet Eilperin and Adam Entous: “A code associated with the Russian hacking operation dubbed Grizzly Steppe by the Obama administration has been detected within the system of a Vermont utility, according to U.S. officials. While the Russians did not actively use the code to disrupt operations, according to officials who spoke on the condition of anonymity to discuss a security matter, the discovery underscores the vulnerabilities of the nation’s electrical grid. And it raises fears in the U.S. government that Russian government hackers are actively trying to penetrate the grid to carry out potential attacks. Officials in government and the utility industry regularly monitor the grid because it is highly computerized and any disruptions can have disastrous implications for the country’s medical and emergency services. Burlington Electric said in a statement that the company detected a malware code used in the Grizzly Steppe operation in a laptop that was not connected to the organization’s grid systems. The firm said it took immediate action to isolate the laptop and alert federal authorities….According to the report by the FBI and DHS, the hackers involved in the Russian operation used fraudulent emails that tricked their recipients into revealing passwords.”