A state electric utility confirmed Friday it had found on one of its laptops a malware code the U.S. government says is used by Russian hackers.
The Burlington Electric Department said U.S. utilities were alerted by the Department of Homeland Security on Thursday of a malware code used in Grizzly Steppe, the name Homeland Security has applied to a Russian campaign linked to recent hacks.
Burlington Electric, which is municipally owned, said it detected the malware in a laptop not connected to its grid systems. It said it took “immediate action to isolate the laptop and alerted federal officials.”
State, federal officials notified
“Our team is working with federal officials to trace this malware and prevent any other attempts to infiltrate utility systems,” it said in an emailed statement.
It said it had briefed state officials and would fully support an investigation.
Democratic Gov. Peter Shumlin said his administration had been in touch with the federal government and the state’s utilities.
“Vermonters and all Americans should be both alarmed and outraged that one of the world’s leading thugs, (Russian President) Vladimir Putin, has been attempting to hack our electric grid, which we rely upon to support our quality-of-life, economy, health, and safety,” he said in a statement.
He said the hacking episode should highlight the urgent need for the federal government to “vigorously pursue and put an end to this sort of Russian meddling.”
Burlington Electric, which says it’s “at the forefront of the green energy revolution,” is one of the state’s two largest electric utilities. The other, Colchester-based Green Mountain Power, said its systems were secure.
Second utility clear
“Our teams have done a complete systems check and found no security concerns,” it said.
Green Mountain Power, which serves about 265,000 residential and business customers, said it recently was thoroughly reviewed for safety by Homeland Security. It said it would continue to rigorously monitor its systems and remain vigilant.
Russia has denied hacking U.S. systems.