Skip to main content

RUSSIAN HACKERS’ PENETRATE US POWER GRID WITH ‘OUTDATED UKRAINIAN MALWARE



Originally appeared at RT

A Vermont utility sounded the alarm after finding malware code on a laptop that the FBI and DHS had touted as associated with Russian hackers. However, cybersecurity specialists say the code came from an outdated Ukrainian hacking tool.


On Thursday, the FBI and DHS released a joint report on a hacking operation they called ‘Grizzly Steppe’. They claimed the operation was linked to the Russian government, alleging that it had targeted “US persons and institutions, including from US political organizations.”

Along with the report, the US security agencies released a sample of the malware code allegedly used in the Grizzly Steppe operation to compromise US computer networks. The code was also shared with executives from 16 industries around the nation, including the financial, utility, and transportation sectors, according to a Washington Post report.

On Friday, Burlington Electric, a Vermont-based power company, released a statement saying that the malware code had been detected during a scan of a single company laptop that was not connected to the grid.

“We took immediate action to isolate the laptop and alerted federal officials of this finding. Our team is working with federal officials to trace this malware and prevent any other attempts to infiltrate utility systems. We have briefed state officials and will support the investigation fully,” the statement said.

The US media reported the incident as if Russian hackers had penetrated America’s electric grids, prompting some officials to call on the federal government to protect Americans from Russian President Vladimir Putin.


“Vermonters and all Americans should be both alarmed and outraged that one of the world’s leading thugs, Vladimir Putin, has been attempting to hack our electric grid, which we rely upon to support our quality-of-life, economy, health, and safety,” Vermont Governor Peter Shumlin said in a statement.

“This episode should highlight the urgent need for our federal government to vigorously pursue and put an end to this sort of Russian meddling,” he said.

Meanwhile, a number of IT specialists that have analyzed the code and other evidence published by the US government are questioning whether it really proves a Russian connection, let alone a connection to the Russian government. Wordfence, a cybersecurity firm that specializes in protecting websites running WordPress, a PHP-based platform, published a report on the issue on Friday.

Wordfence said they had traced the malware code to a tool available online, which is apparently funded by donations, called P.A.S. that claims to be “made in Ukraine.” The version tested by the FBI/DHS report is 3.1.7, while the most current version available on the tool’s website is 4.1.1b.

“One might reasonably expect Russian intelligence operatives to develop their own tools or at least use current malicious tools from outside sources,” the report says.

The second part of the analysis deals with the list of IP addresses provided by the US agencies. The report says they “don’t appear to provide any association with Russia” and “are probably used by a wide range of other malicious actors.”

This week, the Obama administration accused the Russian government of hacking US computer networks in order to influence the presidential to justify imposing some of the toughest sanctions on Russia yet, including the expulsion of 35 Russian diplomats and blocking access to two leisure compounds used by Russian Foreign Ministry personnel and their visitors.

Russia chose to ignore the punitive measures, calling their imposition a clear provocation, while saying that Moscow will build its relations with the US based on the policies of the next administration under President-elect Donald Trump, not President Barack Obama’s parting shots.

In October, Putin ridiculed the idea that Russia could influence the US presidential election, saying that America was not “a banana republic.”

Comments

Popular posts from this blog

Why States Still Use Barrel Bombs

Smoke ascends after a Syrian military helicopter allegedly dropped a barrel bomb over the city of Daraya on Jan. 31.(FADI DIRANI/AFP/Getty Images) Summary Barrel bombs are not especially effective weapons. They are often poorly constructed; they fail to detonate more often than other devices constructed for a similar purpose; and their lack of precision means they can have a disproportionate effect on civilian populations. However, combatants continue to use barrel bombs in conflicts, including in recent and ongoing conflicts in Africa and the Middle East, and they are ideally suited to the requirements of resource-poor states. Analysis Barrel bombs are improvised devices that contain explosive filling and shrapnel packed into a container, often in a cylindrical shape such as a barrel. The devices continue to be dropped on towns all over Syria . Indeed, there have been several documented cases of their use in Iraq over the past months, and residents of the city of Mosul, which was re

Russia Looks East for New Oil Markets

Click to Enlarge In the final years of the Soviet Union, Soviet leader Mikhail Gorbachev began orienting his foreign policy toward Asia in response to a rising Japan. Putin has also piloted a much-touted pivot to Asia, coinciding with renewed U.S. interest in the area. A good expression of intent was Russia's hosting of the Asia-Pacific Economic Cooperation summit in 2012 in Vladivostok, near Russia's borders with China and North Korea. Although its efforts in Asia have been limited by more direct interests in Russia's periphery and in Europe, Moscow recently has been able to look more to the east. Part of this renewed interest involves finding new export markets for Russian hydrocarbons. Russia's economy relies on energy exports, particularly crude oil and natural gas exported via pipeline to the West. However, Western Europe is diversifying its energy sources as new supplies come online out of a desire to reduce its dependence on Russian energy supplies . This has

LONDON POLICE INDIRECTLY ENCOURAGE CRIMINALS TO ATTACK RUSSIAN DIPLOMATIC PROPERTY

ILLUSTRATIVE IMAGE A few days ago an unknown perpetrator trespassed on the territory of the Russian Trade Delegation in London, causing damage to the property and the vehicles belonging to the trade delegation , Russian Foreign Ministry Spokeswoman Maria Zakharova said during the September 12 press briefing. The diplomat revealed the response by the London police was discouraging. Police told that the case does not have any prospects and is likely to be closed. This was made despite the fact that the British law enforcement was provided with video surveillance tapes and detailed information shedding light on the incident. By this byehavior, British law inforcements indirectly encourage criminals to continue attacks on Russian diplomatic property in the UK. Zakharova’s statement on “Trespassing on the Russian Trade Mission premises in London” ( source ): During our briefings, we have repeatedly discussed compliance with the Vienna Convention on Diplomatic Relations, specif