Russia Hacking Electric Utility Computers Now, Not That It's Anything To Worry About (Updated)
We just don't know what went wrong!
UPDATE: The Washington Post hasrun a new story indicating that malware found on the electric company's laptop computer doesnotappear to be related to the Russian government. Yr Wonkette has posted our own updated story on the journalistic fuck-tussle.
So here's a thing thathappeneddidn't happen (look at the update, right up there. Jeeze): A Vermont electric utility's computer system appears to have been hacked by our good friends the Russians, but don't worry too much, because the laptop that was hacked wasn't actually connected to the electric power grid. See? Nothing to worry about! It's not like anything bad could come of that, right?
While the Russians did not actively use the code to disrupt operations, according to officials who spoke on the condition of anonymity to discuss a security matter, the discovery underscores the vulnerabilities of the nation’s electrical grid. And it raises fears in the U.S. government that Russian government hackers are actively trying to penetrate the grid to carry out potential attacks.
Oh. Umm, actually, that does sound like it might not be a great thing, and that the Russian hacking operation -- called "Grizzly Steppe" by computer security experts, because if it's a hacking group, it has to be given a cool nickname -- actually is trying to probe for weaknesses in other computers that might be connected to the grid? Not that it's time to panic or anything, because if there's one thing American companies are really good at, it's computer security. Just ask anyone who's had to get a new credit card after their bank was hacked.
So on the "Keep Calm and Carry On" side of the story, we have this:
Burlington Electric said in a statement that the company detected a malware code used in the Grizzly Steppe operation in a laptop that was not connected to the organization’s grid systems. The firm said it took immediate action to isolate the laptop and alert federal authorities.
Friday night, Vermont Gov. Peter Shumlin (D) called on federal officials “to conduct a full and complete investigation of this incident and undertake remedies to ensure that this never happens again.”
So the utility has pretty good security, the intrusion was caught quickly, and nothing was harmed. On the "Yep, We're Fucked" side, there's the fact that the hacking probes are happening in a utility system at all. Sen. Patrick Leahy, who doesn't exactly strike us as a panic-monger, certainly sounds concerned about the Russkies trying to sap and impurify our precious electrons:
“This is beyond hackers having electronic joy rides -- this is now about trying to access utilities to potentially manipulate the grid and shut it down in the middle of winter,” Leahy said in a statement. “That is a direct threat to Vermont and we do not take it lightly.”
We're waiting on the Trumpiverse to explain this is probably no big deal, because a little friendly probing of each other's power grids is just how countries get along with each other these days, and maybe it was that 400-pound guy on a bed somewhere, spoofing the Grizzly Steppe malware for the lulz.
Oh, yes, and then there's this really reassuring bit:
American officials, including one senior administration official, said they are not yet sure what the intentions of the Russians might have been. The incursion may have been designed to disrupt the utility’s operations or as a test to see whether they could penetrate a portion of the grid.
Officials said that it is unclear when the code entered the Vermont utility’s computer, and that an investigation will attempt to determine the timing and nature of the intrusion, as well as whether other utilities were similarly targeted.
“The question remains: Are they in other systems and what was the intent?” a U.S. official said.
Eh, it's probably nothing. Bored teenagers who want to play a game, maybe. WaPo notes that the Department of Homeland Security and other agencies have briefed executives from multiple economic sectors on the Grizzly Steppe malware code, so they can keep an eye out for it. So there's your ounce of prevention. Here's hoping the briefings were given to competent IT executives and not, say, people who think the internet is kept in a little black box with a blinking red light on top.
Besides, it's not like there's any precedent for malicious hacking of electrical grids. Or at least Russia totally denies it had anything to do with the hacking of Kiev's power grid in 2015, which blacked out part of the Ukranian capital, so we should probably take their word for it. It's a mystery, really, a lot like all those Russian-speaking soldiers wearing uniforms with no insignia on them, driving through Ukraine in unmarked Russian-manufactured trucks and armored vehicles in 2015 as well. They might have been cosplayers from New Jersey with a deep commitment to realism.
So really, let's not jump to any conclusions about Russia having any untoward intentions. After all, the whole age of computer has made it where nobody knows exactly what is going on. The power grid is probably fine. Malware left behind by hackers? That's nowhere near as solid as the evidence Hillary Clinton and John Podesta were running a child sex dungeon out of a pizza parlor.
[ WaPo / Reuters / New Republic ]
Russia Hacking Electric Utility Computers Now, Not That It's Anything To Worry About (Updated)
Roman. Otherwise, Putin might assume it's the work of Ukrainian separatists.
I amp undecided.