As federal officials investigate suspicious Internet activity found on one of Burlington Electric Department's utility computers, they are finding evidence that the incident is not linked to any Russian government effort. Last week, The Washington Post reported that code associated with Russian hackers had been discovered within the system of an unnamed Vermont utility. Burlington Electric had, indeed, reported an alert to federal authorities.
But now, according to a newly published story by the Washington Post and a statement from Burlington Electric, an attack by the Russian government on Vermont's electric grid is not probable in this instance.
Last week, an employee at Burlington Electric Department was checking his Yahoo email account and triggered an alert indicating that his computer had connected to a suspicious IP address associated by authorities with the Russian hacking operation (Grizzly Steppe) that infiltrated the Democratic Party.
Burlington Electric released a statement on Friday evening saying that the firm had “detected the malware” in a single laptop. The company said in its statement that the laptop was not connected to its grid systems.
Then on Dec. 31, Burlington Electric stated that federal officials had indicated that the specific type of Internet traffic also had been observed elsewhere in the country and is not unique to Burlington Electric.
"It’s unfortunate that an official or officials improperly shared inaccurate information with one media outlet, leading to multiple inaccurate reports around the country," said Neale F. Lunderville, Burlington Electric general manager. "Media reports stating that Burlington Electric was hacked or that the electric grid was breached are false."
Officials say it is possible that the traffic is benign, since this particular IP address is not always connected to malicious activity.
"Cybersecurity is an issue that Burlington Electric and all U.S. utilities take very seriously," Lunderville said in a statement. "We focus every day to protect the integrity of the electric grid and the personal information of our valued customers."