
January 01, 2017

Administration Leaks Inaccurate Report of US Electric Grid Hack

Friday night The Washington Post (WaPo) ran a front page story saying that, “according to officials who spoke on condition of anonymity”, Russian hackers had penetrated the US electrical grid at a then unnamed utility in Vermont. Other major news organizations, to their credit, did NOT pick up this story. Turns out that WaPo made a very bad choice in running it.

If you now look at the story, there’s a banner above it saying:

“Editor’s Note: An earlier version of this story incorrectly said that Russian hackers had penetrated the U.S. electric grid. Authorities say there is no indication of that so far. The computer at Burlington Electric that was hacked was not attached to the grid.”

But there’s no front page story in today’s WaPo explaining how administration sources used the paper to spread inaccurate, scary information – quite possibly as part of the unseemly tit-for-tat between Trump and Obama over Putin (which Putin is winning so far).

Here’s part of the statement from the utility, which turns out to be Burlington Electric and which appears to have acted quickly, effectively, and responsibly:

“There is no indication that either our electric grid or customer information has been compromised. Media reports stating that Burlington Electric was hacked or that the electric grid was breached are false…

“Federal officials have indicated that this specific type of Internet traffic also has been observed elsewhere in the country and is not unique to Burlington Electric. It’s unfortunate that an official or officials improperly shared inaccurate information with one media outlet, leading to multiple inaccurate reports around the country.”

What did happen is that malware called Grizzly Steppe was found by the utility on a worker’s laptop which was NOT connected to either the electric grid control computers or customer information. This is serious but nothing like penetrating the grid. American businesses routinely find malware and viruses on their computers and detect phishing attacks.

[Update 1/5/2017 The story gets stranger and stranger. WaPo has now walked back from even the claims that Grizzly Steppe was found on the computer or that there was necessarily any Russian involvement. According to a story in VTDigger "The Post said it received bad information from anonymous authorities who leaked to them 'without having all the facts and before law enforcement officials were able to investigate further.'" Essentially the sources used WaPo to yell "fire" in a crowded theater.]

Here are some questions which WaPo and other media ought to be asking:

  1. Why did the administration leak inaccurate information?
  2. If there is a real threat which the nation needs to know about, what’s the correct way to make that information public? (hint: the answer is not an anonymous leak)
  3. Since the FBI and DHS knew about Grizzly Steppe ever since they investigated the hack of the Democratic National Committee way back when, why did they wait to alert Burlington Electric and other utilities until last Thursday? (technical note: each piece of malware effectively has a digital signature – the code itself. Virus scanning programs look for this pattern on computers to detect the virus.)
  4. Why didn’t law enforcement make the digital signature of Grizzly Steppe available to the commercial antivirus firms? If they had, almost every business computer in the country if not the world would have been cleansed. Have they done that now?
  5. Why do we want to let the hackers know where they have been effective? There is a cyberwar and this is battlefield intelligence.

I have no fondness for Putin, no illusions about his intentions. I’m among those who think Russia should have been sanctioned sooner rather than later and that President Obama should’ve done more than say “cut it out” and threaten his usual “consequences”. I’m very nervous about Trump’s seeming fondness for the Russian leader.

But acts speak much louder than words. This leak by the administration was petty and probably partisan. It damages rather than helps our side. WaPo should not have been complicit in this; should’ve insisted on attribution or fact checking. The New York Times was wise not to pick up the unsourced story.

But now the questions above need to be answered.
