The Burlington Electric utility company in Vermont reported on Friday that it had found malicious software purportedly linked to state-sponsored Russian hackers on one of its laptop computers. The laptop was not connected to the utility’s power-grid system, and the power grid was never compromised. It is also not yet clear how the malware ended up on the computer. The municipally owned utility discovered the software after being prompted on Thursday to scan for the malware code by the Department of Homeland Security. The laptop was immediately isolated and federal authorities are now investigating the incident. According to the Washington Post, unnamed U.S. security officials allege that the malicious code found on the laptop is associated with the “Grizzly Steppe” Russian hacking operation that the Obama administration says was involved in attempts to interfere in the recent U.S. presidential election. Assuming the software was indeed deliberately installed on the computer in order to target the utility, it remains unclear what the alleged hacking was intended to accomplish, and U.S. officials will now attempt to determine the purpose, timing, and nature of the possible intrusion.
“Our team is working with federal officials to trace this malware and prevent any other attempts to infiltrate utility systems,” Burlington Electric announced in a statement. Vermont lawmakers like Governor Peter Shumlin and Senator Patrick Leahy, both Democrats, are characterizing the incident as a deliberate cyberattack by Russian intelligence services.
It is not yet clear if this is an isolated infection. The Department of Homeland Security and the FBI reportedly alerted executives from 16 U.S. business sectors this week about the alleged “Grizzly Steppe” code. The code was shared with executives in the utility, financial, and transportation industries, but so far it seems that Burlington Electric is the only business to report finding it on any of its computers. There is no indication that the infected laptop posed any risk to the utility or Vermont’s power grid at this time, but as the Post notes, American authorities have long been tracking efforts by foreign powers to infect the computers of U.S. utility companies with malicious code.
On Thursday, President Obama issued sanctions against members of Russia’s intelligence services and expelled 35 Russian intelligence officials from the U.S. over what the Obama administration and U.S. intelligence community allege were attempts to interfere in the recent presidential election on behalf of President-elect Donald Trump.
This post has been updated to link to the DHS’s confirmation that the utility’s power grid was not put at risk.