The Washington Post reports: As federal officials investigate suspicious Internet activity found last week on a Vermont utility computer, they are finding evidence that the incident is not linked to any Russian government effort to target or hack the utility, according to experts and officials close to the investigation.
An employee at Burlington Electric Department was checking his Yahoo email account Friday and triggered an alert indicating that his computer had connected to a suspicious IP address associated by authorities with the Russian hacking operation that infiltrated the Democratic Party. Officials told the company that traffic with this particular address is found elsewhere in the country and is not unique to Burlington Electric, suggesting the company wasn’t being targeted by the Russians. Indeed, officials say it is possible that the traffic is benign, since this particular IP address is not always connected to malicious activity.
The investigation by officials began Friday, when the Vermont utility reported its alert to federal authorities, some of whom told The Washington Post that code associated with the Russian hackers had been discovered within the system of an unnamed Vermont utility. On Friday evening, The Post published its report, and Burlington Electric released a statement identifying itself as the utility in question and saying the firm had “detected the malware” in a single laptop. The company said in its statement that the laptop was not connected to its grid systems.
The Post initially reported incorrectly that the country’s electric grid had been penetrated through a Vermont utility. After Burlington Electric released its statement saying that the potentially compromised laptop had not been connected to the grid, The Post immediately corrected its article and later added an editor’s note explaining the change. [Continue reading…]