Sunday, January 01, 2017


I hate the way this story is being reported:
The Washington Post has corrected a story that originally said Russian hackers penetrated the U.S. electric grid by breaching a utility company in Vermont.

“An earlier version of this story incorrectly said that Russian hackers had penetrated the U.S. electric grid. Authorities say there is no indication of that so far. The computer at Burlington Electric that was hacked was not attached to the grid,” an editor's note attached to the original article said....

According to the report, which cited anonymous senior administration officials, a code linked to the Grizzly Steppe operation was found within the utility's system.

Officials told the newspaper that the breach did not interrupt electrical operations.
I missed the original version of this story. I read the updated version during a layover last night. I still find it alarming:
Burlington Electric said in a statement that the company detected a malware code used in the Grizzly Steppe operation in a laptop that was not connected to the organization’s grid systems. The firm said it took immediate action to isolate the laptop and alert federal authorities.
To the right and the liberal-bashing left, it's just "fake news." Glenn Greenwald's headline at the Intercept is:
Russia Hysteria Infects WashPost Again: False Story About Hacking U.S. Electric Grid
Which is nearly identical to the right's message:

Is it really hard to understand what's going on here? Let me explain by quoting a detail from another story about the Russians. This one is a New York Times report on Vladimir Putin's decision not to expel any U.S. diplomats after President Obama ordered a number of Russian diplomats to leave America.
While Mr. Obama framed the new American measures as a response to Russian hacking during the election, the expulsion of Russian diplomats from Washington and San Francisco was described as a response to continued harassment of American diplomats in Russia.

Mr. Putin’s spokesman, Dmitri S. Peskov, denied that any such harassment had taken place, but American diplomats tell a different story. Many travel around Moscow in cars with red diplomatic license plates that start with 004, denoting United States Embassy vehicles. That makes them easy targets for traffic stops.

Embassy employees said they were followed as they moved around the city, and that sometimes, when they were not at home, agents would enter and move the furniture around, just to show that they had been there.
(Emphasis added.)

See, that's what the Russians did in Burlington. They didn't cause any real mayhem. They just poked around a laptop on the premises of an electric utility in order to rattle us. It's just like breaking into U.S. diplomats' residences and rearranging the furniture. They want us to think they really could mess with us if they chose to.

To me that's infuriating enough. It appalls me that our next president is in bed with these schmucks, and it infuriates me that the right and the anti-liberal left think all of this is no big deal.


UPDATE, TUESDAY, 1/2: Well, now we have a real walkback from the Post.
As federal officials investigate suspicious Internet activity found last week on a Vermont utility computer, they are finding evidence that the incident is not linked to any Russian government effort to target or hack the utility, according to experts and officials close to the investigation.

... Officials told the [Burlington Electric Department] that traffic with this particular [IP] address is found elsewhere in the country and is not unique to Burlington Electric, suggesting the company wasn’t being targeted by the Russians. Indeed, officials say it is possible that the traffic is benign, since this particular IP address is not always connected to malicious activity.

... U.S. officials are continuing to investigate the laptop. In the course of their investigation, though, they have found on the device a package of software tools commonly used by online criminals to deliver malware. The package, known as Neutrino, does not appear to be connected with Grizzly Steppe, which U.S. officials have identified as the Russian hacking operation. The FBI, which declined to comment, is continuing to investigate how the malware got onto the laptop.
On the other hand, the Russians certainly do this sort of thing. From a CBS story that ran just before Christmas (hat tip: Paul Canning:
Last weekend, parts of the Ukrainian capitol Kiev went dark. It appears Russia has figured out how to crash a power grid with a click.

Last December, a similar attack occurred when nearly a quarter of a million people lost power in the Ivano-Frankivsk region of Ukraine when it was targeted by a suspected Russian attack.
So stay alert.


CZEdwards said...

Penetration and proximity testing. They now know how close they can get, and have some parameters on defenses and detection.

There are still a lot of very small electric co-ops that link into the grid and can't afford a lot of IT staff, and those staff often don't have a lot of institutional influence. A successful detection and quarantine bothers me a lot less than the ones we don't know about.

Done with Greenwald. If he's not bought and paid for, he's dangerously naive.

Ivory Bill Woodpecker said...

I call the anti-liberal Left the "Horseshoe Left", from the Horseshoe Theory.

Ken_L said...

It's kind of a big deal, well a medium-sized one, but extremely tame compared to what other countries have had to put up with from the US over the years. Everything from sanctions against Russia for reclaiming the Crimea, which should never have been given to Ukraine in the first place, through encouraging regime change in Ukraine, through incremental expansion of NATO to bring countries that used to be part of the USSR into an anti-Russian alliance, to screwing with Iranian national security by deliberately infecting its nuclear facilities with a computer virus, to telling China it's not going to be allowed to threaten America's control of the oceans and airspace adjoining China.

In other words America's become so used to dealing out punishment to other nations as and when it feels like it, without any fear of consequences, it's a nasty shock when someone decides to push back.

So even if Trump's not making any of them - and he's not - there are lots of good reasons for seeing the Russian actions as retaliation born of frustration, not evidence of any inherent hostility to America.

Belvoir said...

The Russians did worse than just move furniture around to US diplomats in Russia. They'd leave human excrement on the floor. One of them was badly beaten up. Another had his dog killed. These are seriously nasty people, and fuck Glenn Greenwald for being such an egregious stooge for Putin's rotten and abusive and illiberal dictatorship. He's appearing on Fox now, chuckling with the appalling Tucker Carlson about how dumb liberals are to be concerned about Russian cyberespionage and tampering. So silly of us! One way or another, GG is on the Kremlin take.

Anonymous said...

I have never quite understood this ongoing antagonism twixt the Untied States and Russia. They are both white and racist to the bone, a minority of the planet's population, one would think they would be the best of friends. Butt-buddies, typically Republican closet queers.

I don't know Bill, that just strikes me as over-thinking it, and is certainly beyond their understanding. I prefer something that turns it back on them, puts it back in their faces, both reichwingers and squishy anti-liberal left alike: Commie Pinko Fags.

Forty-six years ago I swore an oath to defend this land against all enemies, foreign and domestic.
Ten Bears

Procopius said...

I guess I'm just jaded because I used to take care of a small network of a coupld dozen computers at a private school. I've had to remove malware. It was usually downloaded by the students using the computers and most of it was no big deal. Typically it changed the browser's home page to some scammer and maybe installed a toolbar that led to cheat web sites. If you notice in all these stories, we see something like, "... According to the report, which cited anonymous senior administration officials, a code linked to the Grizzly Steppe operation was found within the utility's system." See, they never name a source and they never tell us what the supposed malware was named. The malware "linked to" the Grizzly Steppe operation (some PR genius came up with that name) is very old and used by script kiddies all over the world, so its presence doesn't really tell us much, even if it really was there, which I doubt. The major media have lied so much since 2001 that if they report the sky is blue I'll step outside to check. The New York Times is especially bad about using anonymous "high government official" sources, but the Washington Post is close behind them.

paulocanning said...

Russia brought Estonia to its knees via cyber attacks nine years ago and last year actually did switch off power in a Ukrainian city [], but do carry on with your 'but there's no proof!' and 'why is everyone being so mean to poor Russia?'