The tension between Russia and the US is running high. On Dec. 29, US president Obama took serious action against the Russians, expelling 35 diplomats and issuing sanctions to Russian intelligence agencies. The reason? The surfacing of Russian breaches of US cybersecurity.
Earlier in the week, the Department of Homeland Security and the Federal Bureau of Investigation released a report (pdf) detailing Russian malware code—called “Grizzly Steppe”—that had been used to hack emails within the Democratic National Committee in the lead up to the 2016 election. And now, US officials have confirmed that similar computer code was found on a company laptop from a utility company in Vermont, according to the Washington Post.
The Burlington Electric Department is city-owned, and only serves about 19,600 customers. The laptop was not connected to its electrical grid, and government officials say it wasn’t used to interfere with utilities in any way.
The presence of Russian malware, though, suggests that other utilities may also have been targeted. Electrical grids power homes, but and, more worryingly, critical infrastructure like hospitals and other emergency departments. “This is now about trying to access utilities to potentially manipulate the grid and shut it down in the middle of winter,” Vermont senator Patrick Leahy said in a statement. “That is a direct threat to Vermont.”
Such attacks have already happened in Ukraine. On Dec. 28, Ukraine’s president Petro Poroshenko accused Russian intelligence of 6,500 cyberattacks in the past two months. In December 2015, Russian malware disrupted power to 225,000 residents serviced by three separate electrical providers in Ukraine.