A Vermont electric company, Burlington Electric, said it found malicious software that US authorities believe was used by Russian hackers in the US election on one of their company laptops. CNN’s Polo Sandoval reports.
Burlington Electric claims it found a code used by a Russian hacking operation was detected in a company laptop. Burlington Electric found the malware Friday on a laptop after the Obama administration released code associated with a Russian group, known as Grizzly Steppe, on Thursday. Grizzly Steppe is a code name designated by the
“Last night, U.S. utilities were alerted by the Department of Homeland Security (DHS) of a malware code used in Grizzly Steppe, the name DHS has applied to a Russian campaign linked to recent hacks,” said Mike Kanarick, spokesman for Burlington Electric Department. “We acted quickly to scan all computers in our system for the malware signature. We detected the malware in a single Burlington Electric Department laptop not connected to our organization’s grid systems. We took immediate action to isolate the laptop and alerted federal officials of this finding. Our team is working with federal officials to trace this malware and prevent any other attempts to infiltrate utility systems. We have briefed state officials and will support the investigation fully.”
— Burlington Electric
A large number of commenters on the CNN YouTube page reacting to the video judged the CNN report on the malware as a fabrication or exaggeration.
CNN called the government warning a “13 page massive report”.
Fancy Bear (also known as APT28, Pawn Storm, Sofacy Group, Sednit and STRONTIUM) is a cyber espionage group. Cybersecurity firm CrowdStrike has said with medium level of confidence that Fancy Bear is associated with the Russian military intelligence agency GRU. Security firms SecureWorks, ThreatConnect, and Fireeye’s Mandiant have also reported the group is sponsored by the Russian government. GRU (Glavnoye razvedyvatel’noye upravleniye/translated Main Intelligence Directorate) is Russia’s largest foreign intelligence agency.
The group Cozy Bear was given other nicknames by other cybersecurity firms, including Office Monkeys, CozyCar, The Dukes (by Volexity), and CozyDuke (by F-Secure).
APT or Advanced Persistent Threat refers to a group, such as a government, with both the capability and the intent to target a specific entity — often a private firm — persistently and effectively.
Russian President Vladimir Putin has denied involvement.
Get updates from The Cardinal ALL NEWS FEEDS on Facebook. Just ‘LIKE’ the ‘Arlington Cardinal Page (become a fan of our page). The updates cover all posts and sub-category posts from The Cardinal — Arlingtoncardinal.com. You can also limit feeds to specific categories. See all of The Cardinal Facebook fan pages at Arlingtoncardinal.com/about/facebook …
Help fund The Cardinal Arlingtoncardinal.com/sponsor
Lame duck President Barack Obama does not seem very lucid in a press conference about Russian hacking.