WASHINGTON POST STIRS FEAR AFTER FALSE REPORT OF POWER GRID HACK BY RUSSIA

Story quickly falls apart after investigation finds claims to be inaccurate

The Washington Post reported Friday that the U.S. power grid had been hacked by the same Russian actors accused of breaching the DNC. The only problem: the grid wasn’t hacked.

According to the report, malicious “code” associated with Grizzly Steppe, the name given to Russian hacking operations by the Obama administration, was found within the system of a utility company in Virginia.

“While the Russians did not actively use the code to disrupt operations, according to officials who spoke on the condition of anonymity to discuss a security matter, the discovery underscores the vulnerabilities of the nation’s electrical grid,” the article states.

The code, which was not specifically identified by the Post, was released by the FBI and DHS on Thursday in a Joint Analysis Report (JAR) regarding the “tools and infrastructure” of the accused Russian hackers. The report gave network administrators a way to examine their systems for malicious activity and other Indicators of Compromise (IOCs).

As the news stirred fear among Americans across social media, members of the cybersecurity community immediately questioned the validity of the report.

Matt Tait, a former member of the GCHQ, the UK’s NSA equivalent, quickly noted that attribution, or the process of discovering “whodunnit,” would almost certainly not be accomplished in less than 24 hours.

John Hultquist, who has spent a decade tracking cyber espionage threats for both the government and private sector, noted that Russian operators had previously infiltrated the grid, making it possible that the discovered code was a “lingering infection.”

The IOCs, while important in detecting possible hacks, will likely produce numerous false positives in the near future.

Robert M. Lee, CEO and founder of cybersecurity company Dragos, which specializes in threats facing critical infrastructure, also noted that the IOCs included “commodity malware,” or hacking tools that are widely available for purchase.

1. No they did not penetrate the grid. 2. The IOCs contained commodity malware – can’t attribute based off that alone.

No evidence at this time connects the malware to Russia or any recent hacking campaigns.

Soon after publication of the Post’s story, it was revealed that the malware had only infected a utility company laptop that had no access whatsoever to the electrical grid.
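The triage these points imply, as an added example that is not from the original article or the Joint Analysis Report: an IOC match is scoped by what the affected host can reach, and a commodity indicator is never treated as attribution. The IOC values, host names, inventory fields and log format are all constructed assumptions.

```python
import csv
import io
import ipaddress

# Constructed IOC feed: indicator -> whether it belongs to commodity tooling.
IOCS = {
    "203.0.113.45": {"commodity": True},
    "198.51.100.7": {"commodity": False},
}
# Constructed asset inventory: can the host reach control-system (OT) networks?
ASSETS = {
    "laptop-017": {"ot_access": False},
    "hmi-02": {"ot_access": True},
}
# Constructed outbound connection log: time, host, destination IP.
LOG = """\
2024-01-05T14:02:11Z,laptop-017,203.0.113.45
2024-01-05T14:02:15Z,laptop-017,192.0.2.10
2024-01-05T14:05:40Z,hmi-02,198.51.100.7
2024-01-05T14:06:02Z,kiosk-9,203.0.113.45
"""

def triage(log_text, iocs=IOCS, assets=ASSETS):
    """Return one finding per log line whose destination matches an IOC."""
    findings = []
    for row in csv.reader(io.StringIO(log_text)):
        if len(row) != 3:
            continue  # skip blank or malformed lines
        ts, host, dst = (field.strip() for field in row)
        dst = str(ipaddress.ip_address(dst))  # normalise; raises on junk
        ioc = iocs.get(dst)
        if ioc is None:
            continue
        asset = assets.get(host)
        if asset is None:
            scope = "unknown asset: identify it first"
        elif asset["ot_access"]:
            scope = "can reach control systems: escalate"
        else:
            scope = "no control-system access: endpoint incident"
        # A commodity indicator identifies a tool, not who used it.
        attribution = ("none: commodity tooling" if ioc["commodity"]
                       else "possible lead: needs corroboration")
        findings.append({"time": ts, "host": host, "indicator": dst,
                         "scope": scope, "attribution": attribution})
    return findings

if __name__ == "__main__":
    for finding in triage(LOG):
        print(finding)
```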

Alleged Russian hack of power grid was actually hack on utility company laptop with no access to the grid

As noted by Politico cybersecurity reporter Eric Geller, the Post quickly edited its headline upon learning that the incident was far less serious than initially reported.

The Post’s mistake does not mean that nation states do not hack into one another’s critical infrastructure. Russia has successfully infiltrated the U.S. grid before, is likely inside now, and has attacked the power grids of other countries, such as Ukraine, in the past.

The U.S. government likewise has gained access to foreign power grids. As part of the “Nitro Zeus” operation, the U.S. breached Iranian infrastructure and prepared to carry out cyber attacks during the early years of the Obama administration in the event that diplomatic efforts to reduce Iran’s nuclear program failed.

In case you’re wondering, this is what an actual nation-state power grid hack looks like.

The Post’s false hacking story, which continues to be spread by countless media outlets, will likely fuel both fear and distrust as allegations of government hacking continue to captivate the public.

While the U.S. intelligence community leads the world in hacking capabilities, America remains one of the more vulnerable countries given its reliance on technology.

The U.S. government and private companies are working to harden the power grid by testing their own defenses against simulated attacks. Watch cybersecurity experts hired by a power company in the Midwest breach the grid below:
