The somewhat dubious "Russia hacked the Vermont power grid" story

I saw this story breaking on social media last night and by the time I got up this morning it was plastered all over the papers and in the regular rotation on cable news shows. The Washington Post summed it up with some appropriately doom porn levels of dire warnings. “Russian operation hacked a Vermont utility, showing risk to U.S. electrical grid security.”

Wow. That sounds pretty bad. I suppose we’d better see what this is all about.

A code associated with the Russian hacking operation dubbed Grizzly Steppe by the Obama administration has been detected within the system of a Vermont utility, according to U.S. officials.

While the Russians did not actively use the code to disrupt operations, according to officials who spoke on the condition of anonymity to discuss a security matter, the discovery underscores the vulnerabilities of the nation’s electrical grid. And it raises fears in the U.S. government that Russian government hackers are actively trying to penetrate the grid to carry out potential attacks.

Officials in government and the utility industry regularly monitor the grid because it is highly computerized and any disruptions can have disastrous implications for the country’s medical and emergency services.

Those pesky Russians are at it again. Hacking into our power grid? That’s potentially disastrous, and given how much attention Russian hackers have received lately, why would we even be surprised? They’re clearly up to no good. But before we get too carried away, has anyone gone and read the actual details of what the folks at Burlington Electric actually said happened? They released a fairly detailed assessment to the Burlington Free Press last night. (Emphasis added)

Burlington Electric Department found malware on a laptop that is not connected to operation of the grid, Vermont Public Service Commissioner Christopher Recchia said.

Based on his knowledge Friday night, Recchia did not believe the electrical power grid was at risk from the incident.

“The grid is not in danger,” Recchia said. “The utility flagged it, saw it, notified appropriate parties and isolated that one laptop with that malware on it.”

Recchia said Burlington Electric Department notified federal authorities upon discovery of the malware. Further details would come in a public statement from the utility, he said.

The Daily Caller described this as a case of the Washington Post publishing a false story and they provide a list of social media comments from journalists jumping on the bandwagon. Given the facts we now know, that sounds about right. When we compare the talking points on CNN and some of the headlines running around this morning to the report from the utility we see something of a disconnect. Was the grid hacked? Was there even so much as a brownout for a few seconds in Vermont? No. So how did they detect the “intrusion” into the system? As it turns out, the feds sent out a warning about this Grizzly Steppe malware and when the geek squad at Burlington Electric received the notification they dutifully began testing all of their systems. They located the malware on a single laptop which wasn’t even connected to the system. (And for all we know the malware in question showed up there because the person using the laptop was a correspondent of Anthony Weiner.) This could still turn out to be a case of somebody at the utility clicking on something they shouldn’t have while using the company laptop.

That’s not to say that this isn’t a pressing concern. The Russians most certainly are interested in the possibility of taking down power grids through cyber crime. This past January we looked at a very credible report which suggested that they had succeeded in launching a cyber attack on Ukraine’s grid. While we’re somewhat ahead of the Ukrainians, this is an area where we’re well behind the curve. The American power grid is woefully old and desperately in need of upgrades and smarter technology because we’re at risk in this regard in a very real way.

But at the same time, let’s not head for the panic rooms the first time anyone invokes the phrase “Russian hackers” these days. That’s become a magical talisman for media mavens and politicians over the past couple of months and Putin will soon be blamed for your car not starting when you go out to the driveway in the morning. This case in Vermont looks like yet another incident of some malware showing up on the computer gear of a public utility worker. It’s a good reason to heighten our defenses and get smarter about this, but much like the election, Vermont’s power grid wasn’t “hacked” this week. They just found a virus.