Evidence of Russian hacking has been detected in a Vermont utility system, a company spokesman confirmed Friday night. A representative of Burlington Electric Department said in statement that a Russian campaign linked to recent cyberattacks had breached a single laptop within the utility, though it was not connected to the organization’s electrical grids.
The intent of the Russian hacking operation, known as Grizzly Steppe by the Obama administration, has yet to be determined, but the breach could signal vulnerabilities within the American electrical grid. The penetration, first reported by the Washington Post, which cited U.S. officials including at least one senior administration official, could also signal an attempt to test Russian capability to disrupt other utilities.
Kanarick indicated that state officials, in addition to the Department of Homeland Security, had been briefed on the matter and that the utility organization would fully support the investigation into the breach.
A senior administration official declined to comment specifically on the new report, but told POLITICO, “By exposing Russian malware in the JAR [Joint Analysis Report] yesterday, the Administration sought to alert all network defenders in the United States and abroad to this malicious activity to better secure their networks and defend against Russian malicious cyber activity.”
The FBI and the Electricity Information Sharing and Analysis Center, an industry cyber defense organization, did not respond to requests for comment.