BURLINGTON, Vt. -- A state electric utility confirmed on Friday it had found on one of its laptops a malware code the U.S. government says is used by Russian hackers.
The Burlington Electric Department said U.S. utilities were alerted by the Department of Homeland Security on Thursday of a malware code used in Grizzly Steppe, the name Homeland Security has applied to a Russian campaign linked to recent hacks.
Burlington Electric, which is municipally owned, said it detected the malware in a laptop not connected to its grid systems. It said it took “immediate action to isolate the laptop and alerted federal officials.”
“Our team is working with federal officials to trace this malware and prevent any other attempts to infiltrate utility systems,” it said in an emailed statement.
U.S. intelligence agencies believe Russian hacking units often use other people’s computer networks to “hide their malicious activity,” CBS News homeland security correspondent Jeff Pegues reports. Newly declassified documents show that U.S. investigators suspect that Russian intelligence services have access to compromised computer infrastructure in as many as 60 countries.
The utility said it had briefed state officials and would fully support an investigation into the potential Russian hack. Russia, which has been accused of interfering in the U.S. presidential election by hacking American political sites and email accounts, has denied hacking U.S. systems.
According to a joint analysis, U.S. intelligence agencies have been tracking specific Russian signatures, or fingerprints of malicious cyberactivity, for years, which led them to focus on one culprit in connection with the cyberattack that affected Democratic Party officials, Pegues reports.
Democratic Gov. Peter Shumlin said his administration had been in touch with the federal government and the state’s utilities.
“Vermonters and all Americans should be both alarmed and outraged that one of the world’s leading thugs, (Russian President) Vladimir Putin, has been attempting to hack our electric grid, which we rely upon to support our quality-of-life, economy, health, and safety,” he said in a statement.
He said the hacking episode should highlight the urgent need for the federal government to “vigorously pursue and put an end to this sort of Russian meddling.”
Burlington Electric, which says it’s “at the forefront of the green energy revolution,” is one of the state’s two largest electric utilities. The other, Colchester-based Green Mountain Power, said its systems were secure.
“Our teams have done a complete systems check and found no security concerns,” it said.
Green Mountain Power, which serves about 265,000 residential and business customers, said it recently was thoroughly reviewed for safety by Homeland Security. It said it would continue to rigorously monitor its systems and “remain vigilant.”