Washington Post Retracts Story About Russian Hackers Penetrating US Electricity Grid

Those anonymous U.S. officials who reported Russian hacking code had been found "within the system" of a Vermont power utility must've been surprised to learn the code was on a laptop that wasn't actually connected to the grid. The Washington Post has updated their original story, which now reports that "authorities" say there's no indication that Russian hackers have penetrated the U.S. electric grid.

The Post's newly-edited version now appears below (with their original and now-deleted text preseved inside brackets). A code associated with the Russian hacking operation dubbed Grizzly Steppe by the Obama administration has been detected within the system of a Vermont utility, according to U.S. officials. While the Russians did not actively use the code to disrupt operations of the utility, according to officials who spoke on condition of anonymity in order to discuss a security matter, the discovery underscores the vulnerabilities of the nation's electrical grid... [Was "the penetration of the nation's electrical grid is significant because it represents a potentially serious vulnerability."]

American officials, including one senior administration official, said they are not yet sure what the intentions of the Russians might have been. The incursion [was "penetration"] may have been designed to disrupt the utility's operations or as a test by the Russians to see whether they could penetrate a portion of the grid... According to the report by the FBI and DHS, the hackers involved in the Russian operation used fraudulent emails that tricked their recipients into revealing passwords.
The Vermont utility does report that they'd "detected suspicious Internet traffic" on the laptop, but they believe subsequent news coverage got the story wrong. "It's unfortunate that an official or officials improperly shared inaccurate information with one media outlet, leading to multiple inaccurate reports around the country."

Meh

Here we go again. This reminds me of a boy, a boy who loved to cry wolf.

Re:Meh

[INT_QRK]

One should assume a posture of tentative disbelief about anything with potential political charge that one reads in the media pending sufficient corroboration from multiple sources over time.

Re: Meh

Hey genius, if you didn't fucking notice (and you didn't), all they did was copy the Crowdstrike report. And guess what, Crowdstrike was paid by the DNC.

This is a very serious accusation

[Frank+Burly]

I will not believe this is true until Trump says it isn't a big deal.

Bullshit

One laptop not on the network had malware.

Fuck the washington post.

http://boingboing.net/2016/12/31/no-russia-didnt-hack-vermon.html

1 laptop, not connected to the grid

[david.emery]

Journalists wonder why people don't trust them, and this story is a good example. Turns out the crap was found on one laptop in the company's possession, which was not connected to their power grid.

(And when will companies/CIOs stop buying computers that contain so many exploitable vulnerabilities? I guess the answer is "Not until there's financial and legal consequence for their failure.")

Re:1 laptop, not connected to the grid

[mattwarden]

I'm very happy to come to the comments section and find mostly mocking and people who looked beyond the headline. Would have been nice if the editors did that.

Here is the full takedown on The Intercept of this BS-vending from WaPo: https://theintercept.com/2016/...

Re:OH NOES! IT'S THE RUSSIANS

[Frank+Burly]

Russia is still not an existential threat to anyone but her former client states. This isn't a problem that Romney's larger Navy would have solved (and I'm surprised that Russian nationals and domestic rightists are so offended by this throwaway zinger 4 years later). But in retrospect, Obama underestimated Russia's guile. Rather than do catastrophic harm to the United States, Russia (like Al Queda) has done minor harm that led the United States do major harm to itself (the Iraq war, Trump).

Re:Tit for tat

[king+neckbeard]

Our posture is fucking horrific. We support Israel even when they blatantly violate international law. We've long sided with Saudi Arabia, the world's largest state sponsor of terrorism. We overthrew Iraq, creating ISIS. We're largely responsible for arming a good chunk of the terrorists in the world. Yeah, Russia does shitty things, but our problems are big enough that our first concern should be fixing our own problems. Not understand that, along with the unbelievable hubris of the Clintonites, is why the Democrats got their asses kicked in this election, and why they've been getting their asses kicked for so long.

As it stands right now, the best thing that could happen for world peace is for the US to go down in flames. I would rather that not happen, but if we listen to people like you instead of behaving like adults, the rational choice for the world at large is to get rid of us.

No Grid Penetration

[Mr+D+from+63]

The headline is complete bullshit. Can the author not even read? The grid was not penetrated, hacked, or comprimised. No report says it was. This is totally a fabrication from the reporters.

"We detected the malware in a single Burlington Electric Department laptop not connected to our organization’s grid systems."

Re:has to be asked

[HornWumpus]

Worked in the industry for a decade. Wrote simulation shells that did short term forecasts based on on system conditions, did data reductions etc (e.g. This unit IS going down for unscheduled maintenance, how much will it cost to shut it down RTF now vs after afternoon peak?) Went on to 'tech lead' for significant energy trading/risk management platform. Ran on many traders and grid operators desks...don't ask, won't tell. Did once see a bug because grand total on printable VAR only had room for 10 digits plus sign. Assigned to Brahmin coder, week later I fixed it myself, I digress.

What you say isn't really possible. What they typically do have is a secure network, which runs operations, staffed with lots of ex-military actual Engineering school grads. That network is being monitored by redundant data integrators which present integrated (by some time interval, usually hours/half hours or minutes, back when I was up to my nose in it) system data to a second less secure (but still as secure as any corporate) network where routine operations run. That server is usually locked down tight, read only from the less secure network; but that is only software. They also like to run diverse OSs, lots of 'big iron' and Unixes and home brewed binary data formats. These things were mostly architected before Windows was common, particularly on the secure side it's still loaded with 'legacy', likely to remain so until they have a complete staff turnover. Old Dilbert with neckbeard flipping a nickle at Wally and telling him to get a better computer, that's the dude.

Routine operations need access to internet based facilities. To schedule transmission line capacity, trade power, get closing prices from grid operators, weather forecasts and unit availability from neighbors (lots of VPNs). But that part of the operations could more or less crash and burn and it will only cost money (and extra CO2). Operations, more or less, ignores trading at the minute by minute level. Trading gives them trade schedules and operations will try their best. But if 'shit happens' they keep the lights on and let the accountants worry about reconciling to 'what should have happened'. Which is sometimes a bitch of a computational problem, fortunately most everybody involved are engineers and close enough is close enough. Pennies aren't statistically significant; try and explain that to an accountant. Don't recommend it, just say 'not a material difference' and get on with your life, I'm digressing again.