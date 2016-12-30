The Burlington Electric Department has confirmed that malware from Russian hackers was found in one of their computers.

The Washington Post first reported Friday night about a breach of the U.S. electric grid through a utility in Vermont. The newspaper said a code associated with a Russian hacking operation was detected in the system of a Vermont utility. The report said the hackers did not disrupt operations and officials are not yet sure what their intentions were. However, officials say breaching the nation's electrical grid shows a potentially serious vulnerability.

According to the report, the hackers used fraudulent emails to trick recipients into revealing their passwords.

In a statement Friday night following the report, Mike Kanarick of Burlington Electric said the malware was found in one laptop that was not connected to the grid systems.

"Last night, U.S. utilities were alerted by the Department of Homeland Security (DHS) of a malware code used in Grizzly Steppe, the name DHS has applied to a Russian campaign linked to recent hacks. We acted quickly to scan all computers in our system for the malware signature. We detected the malware in a single Burlington Electric Department laptop not connected to our organization's grid systems. We took immediate action to isolate the laptop and alerted federal officials of this finding. Our team is working with federal officials to trace this malware and prevent any other attempts to infiltrate utility systems. We have briefed state officials and will support the investigation fully."

Shortly after the news broke, Channel 3's Keith McGilvery spoke with Duane Dunston, a cybersecurity expert at Champlain College.

Keith: Duane when you heard about this you said you thought immediately it was spear phishing. What is that?

Duane: Spear phishing is when some malicious actors send a targeted email to specific people. And it's called spear phishing because it's targeting specific people. It's an attempt to gain access to that person's computer or some account that that person has access to and from there it's anybody's guess as to what they're going to do with it.

Keith: The statement from Burlington Electric says they found malware in one laptop. What is malware?

Duane: Malware is short-term for malicious software, it encompasses viruses, root kits, or back doors in systems. Root kits are used to hide the existence of a backdoor to further allow an attacker to maintain access to a system without being detected.

Keith: What should Vermonters make of the fact that they only say they found it in one laptop? Is that comforting? Is it concerning?

Duane: It's not comforting. One system being affected can allow access to multiple systems. One, we don't know how long that system was infected. Also, what was this malware up to? Did it gain access to accounts that that person may have access to, which could then give them further access. Did it get access to the email system for example? They could send emails to people, pretending to be that person, and they could be in any location depending on how they have access to that email. We also don't know what type of information was on that laptop to begin with, so it's very concerning.

Keith: What kind of conversations are utilities having right now whether it's Burlington Electric or one of the other utilities?

Duane: They want an understanding of this laptop, the person who has it. What kind of access do they have in the organization, What kind of accounts do they have access to. What type of activities, what kind of intellectual properties – potentially – are on that laptop. Also what type of risk assessments have we undergone, meaning what kind of security audits have we undergone. Have we done any tests to see if someone can get access to our systems. Do we know what the value of the information is, and what kind of access that person had once they were inside the system.

Vermont Senator Patrick Leahy commented on the situation saying; "This is beyond hackers having electronic joy rides – this is now about trying to access utilities to potentially manipulate the grid and shut it down in the middle of winter. That is a direct threat to Vermont and we do not take it lightly."

Governor Peter Shumlin responded to the news saying, "Vermonters and all Americans should be both alarmed and outraged that one of the world's leading thugs, Vladimir Putin, has been attempting to hack our electric grid."

Governor-Elect Phil Scott weighed in as well, "The utility is working closely with federal officials to trace this malware and state public safety officials will continue to coordinate with our federal partners."

Public Safety Commissioner Keith Flynn said he was aware of the report but had no comment.

Click here for more on the Grizzly Steppe hacking operation from the Department of Homeland Security.