BURLINGTON, Vt. (AP) — Several states around the country asked cybersecurity experts to re-examine state and utility networks after a Vermont utility’s laptop was found to contain malware U.S. officials say is linked to Russian hackers.
The Burlington Electric Department, one of Vermont’s two largest electric utilities, confirmed Friday it had found on one of its laptops the malware code used in Grizzly Steppe, the name the U.S. government has given to malicious cyber activity by Russian civilian and military intelligence services.
A Burlington Electric Department spokesman said federal officials have told company officials the threat was not unique to them.
The Department of Homeland Security said it had no information indicating the power grid was penetrated in the cyber operation. A spokesman wouldn’t say whether any other utilities, organizations or entities had reported similar malware on their systems but said any such information would be confidential.
Officials in New York, Rhode Island, Massachusetts and Connecticut said they’re more closely monitoring state and utility networks for anything suspicious.
“We have not detected any activity matching the reported malware at this time,” Connecticut governor’s office spokesman Chris Collibee said.
New Jersey’s homeland security director said the state had no reports of malicious activity associated with Grizzly Steppe at major utility systems.
In New York, Democratic Gov. Andrew Cuomo directed all state agencies to re-examine their computer systems for security breaches. Nothing had been found.
An attack on a U.S. power grid has long been a nightmare scenario for top U.S. officials. The National Security Agency and U.S. Cyber Command chief Adm. Michael Rogers have previously warned it’s not a matter of if but when attackers target U.S. power systems.