
Washington Post Retracts Story About Russian Hackers Penetrating US Electricity Grid

Those anonymous U.S. officials who reported Russian hacking code had been found "within the system" of a Vermont power utility must've been surprised to learn the code was on a laptop that wasn't actually connected to the grid. The Washington Post has updated their original story, which now reports that "authorities" say there's no indication that Russian hackers have penetrated the U.S. electric grid.

The Post's newly-edited version now appears below (with their original and now-deleted text preserved inside brackets).

A code associated with the Russian hacking operation dubbed Grizzly Steppe by the Obama administration has been detected within the system of a Vermont utility, according to U.S. officials. While the Russians did not actively use the code to disrupt operations of the utility, according to officials who spoke on condition of anonymity in order to discuss a security matter, the discovery underscores the vulnerabilities of the nation's electrical grid... [Was "the penetration of the nation's electrical grid is significant because it represents a potentially serious vulnerability."]

American officials, including one senior administration official, said they are not yet sure what the intentions of the Russians might have been. The incursion [was "penetration"] may have been designed to disrupt the utility's operations or as a test by the Russians to see whether they could penetrate a portion of the grid... According to the report by the FBI and DHS, the hackers involved in the Russian operation used fraudulent emails that tricked their recipients into revealing passwords.

The Vermont utility does report that they'd "detected suspicious Internet traffic" on the laptop, but they believe subsequent news coverage got the story wrong. "It's unfortunate that an official or officials improperly shared inaccurate information with one media outlet, leading to multiple inaccurate reports around the country."

  • Meh (Score:5, Insightful)

    by Anonymous Coward on Saturday December 31, 2016 @11:37AM (#53584535)

    Here we go again. This reminds me of a boy, a boy who loved to cry wolf.

    • Re: (Score:3, Insightful)

      by unixisc ( 2429386 )

      Here we go again. This reminds me of a boy, a boy who loved to cry wolf.

      Precisely. After a year of troll articles about Trump, /. has now become Russia Watch. In addition to a meteorological site. Fuck BeauHD, MSMASH, EditorDavid and WhipSlash. I joined this the day after CmdrTaco left, but the articles used to be about tech stuff - be it OSs, computers, phones, et al

    • Re:Meh (Score:5, Insightful)

      by INT_QRK ( 1043164 ) on Saturday December 31, 2016 @01:30PM (#53585011)
      One should assume a posture of tentative disbelief about anything with potential political charge that one reads in the media pending sufficient corroboration from multiple sources over time.
      • But it's sooo important to be the FIRST! to report on something for all that fame, glory and cash! Self-important, sensationalist morons, all of them.

        Hey did you hear that Mariah Carey's problem last night was that the monitors were broken and she couldn't sing because she couldn't read the lyrics?
    • Here we go again. This reminds me of a boy, a boy who loved to cry wolf.

      The "boy who cried wolf" knew he was lying.

      The Washington Post made a mistake, and corrected it.

      Learn to recognize the difference.

      • They didn't make a mistake. They made up claims that the grid was penetrated when they were clearly told it wasn't.
        • Re:Meh (Score:4, Interesting)

          by ClickOnThis ( 137803 ) on Sunday January 01, 2017 @08:23PM (#53590205) Journal

          From the Burlington Electric website linked in TFS:

          Federal officials have indicated that this specific type of Internet traffic also has been observed elsewhere in the country and is not unique to Burlington Electric. It’s unfortunate that an official or officials improperly shared inaccurate information with one media outlet, leading to multiple inaccurate reports around the country.

          So, Burlington Electric itself is admitting mea culpa on this one.

    • by frovingslosh ( 582462 ) on Sunday January 01, 2017 @08:28PM (#53590225)
      When will the Government start shutting down Fake News sites like the Washington Post?
  • by Frank Burly ( 4247955 ) on Saturday December 31, 2016 @11:39AM (#53584539)
    I will not believe this is true until Trump says it isn't a big deal.
    • by Anonymous Coward

      1980's are now calling to ask for their foreign policy back

      "Gov. Romney, I'm glad you recognize al-Qaeda is a threat, because a few months ago when you were asked what is the biggest geopolitical group facing America, you said Russia — not al-Qaeda. And the 1980's are now calling to ask for their foreign policy back — because the Cold War has been over for 20 years."

      So, which is it?

      • by Frank Burly ( 4247955 ) on Saturday December 31, 2016 @01:06PM (#53584903)

        Russia is still not an existential threat to anyone but her former client states. This isn't a problem that Romney's larger Navy would have solved (and I'm surprised that Russian nationals and domestic rightists are so offended by this throwaway zinger 4 years later). But in retrospect, Obama underestimated Russia's guile. Rather than do catastrophic harm to the United States, Russia (like Al Qaeda) has done minor harm that led the United States to do major harm to itself (the Iraq war, Trump).

        • by jedidiah ( 1196 ) on Saturday December 31, 2016 @06:34PM (#53586267) Homepage

          Beyond the obvious fact that you are overlooking Russia's nuclear stockpile, your analysis of US-Russian Naval warfare seems delusional at best. A larger surface fleet was never the answer to the Russians that never focused on that to begin with. It's not our super carriers that matter as much as our ASW capacity.

          Like many things... it's not how big it is but how you use it.

          Furthermore, our current crop of Destroyers aren't a threat to anyone. Not even Cuba.

  • Tit for tat (Score:3, Insightful)

    by Anonymous Coward on Saturday December 31, 2016 @11:41AM (#53584551)

    You can't use your NSA to break in, spy, and sabotage industries, utilities, and governments, around the world. If you conduct malicious and damaging operations like you have for decades, expect that the world will respond.

    • Re:Tit for tat (Score:4, Insightful)

      by Ryanrule ( 1657199 ) on Saturday December 31, 2016 @11:43AM (#53584555)
      Russia does not represent the world's interests, very far from in fact.
      • Re:Tit for tat (Score:5, Insightful)

        by beelsebob ( 529313 ) on Saturday December 31, 2016 @11:48AM (#53584589)

        Nor does the USA.

    • if (usa.spies)
      china.spies = true;
      russia.spies = true;

      For non-programmers, Russia, and especially China, will do this regardless of whether the US does it. In theory, it could be reduced by treating an electronic attack the same as a physical attack; China isn't going to bomb the USA. However in practice it's very difficult to know whether a cyber attack is state-sponsored or not. An attack by Russian

  • Countermeasures (Score:3, Interesting)

    by LTIfox ( 4701003 ) on Saturday December 31, 2016 @11:43AM (#53584561)
    Some organizations started to inject fake phishing emails into their communication systems. All employees who clicked get their heads bashed with a rock.
    • I work for an information security company. All of us should really know better, and yet we do occasionally click the phish bait sent out by corporate security. After being caught once, we start being more careful - at least for six months to a year. I think it's a good idea. Corpsec doesn't need to really scold us or anything, just informing us "you clicked on a fake email" is enough to raise our awareness.

  • Bullshit (Score:5, Informative)

    by Anonymous Coward on Saturday December 31, 2016 @11:44AM (#53584563)

    One laptop not on the network had malware.

    Fuck the washington post.

    • Re:Bullshit (Score:5, Interesting)

      by Velox_SwiftFox ( 57902 ) on Saturday December 31, 2016 @12:23PM (#53584745)
      Exactly, bullshit. It sounds to me like an employee used his laptop to visit an infected website, or answered a general phishing mail.

      Hardly an attack aimed at the grid, and volume cranked up to 11 by WP as a part of the general current panic to glorify Obama and what his administration has done, and undermine the incoming administration.

      Or the WP feels it is simply unimportant to get proper attribution and any of the details right.
    • Re: (Score:3, Informative) link to BoingBoing, who in turn links to Glenn Greenwald who himself is infamous for spinning wildly inaccurate stories. Greenwald asserts:

      What’s the problem here? It did not happen.

      There was no “penetration of the U.S. electricity grid.” The truth was undramatic and banal. Burlington Electric, after receiving a Homeland Security notice sent to all U.S. utility companies about the malware code found in the DNC system, searched all their computers and found the code in a single laptop that was not connected to the electric grid.

      Sadly, the premise of his claim may be true (there is a chance the code wasn't a deliberate attempt by Russia), but rather than simply state that, he makes his own unsubstantiated claim that "it did not happen". He does not know for certain that it wasn't a deliberate attempt from Russia.

      There's a lot of words in the Greenwald piece, but it all hinges on this p

      • Re: (Score:3, Informative)

        by Xenographic ( 557057 )

        There's a ton of Russian malware/botnets out there. Same for Chinese, etc. The burden is on the person making the assertion this is the work of the Russian government, because the media is hard at work with flimsy, inaccurate stories like this which they end up retracting in part after the big headlines hit (see also: changes to the ODNI report...).

        Obama is up there sabotaging diplomacy efforts with Israel & Russia that will compromise our ability to take out Isis. Islamic radicals, incidentally, we

    • BoingBoing making sense and not following the prog party line? WTF is going on - FakeNews again?
  • by david.emery ( 127135 ) on Saturday December 31, 2016 @11:49AM (#53584597)

    Journalists wonder why people don't trust them, and this story is a good example. Turns out the crap was found on one laptop in the company's possession, which was not connected to their power grid.

    (And when will companies/CIOs stop buying computers that contain so many exploitable vulnerabilities? I guess the answer is "Not until there's financial and legal consequence for their failure.")

  • has to be asked (Score:3, Insightful)

    by jmccue ( 834797 ) on Saturday December 31, 2016 @11:56AM (#53584625) Homepage

    Why is infrastructure on the public Internet ? It is not like the internet existed when most of the US electric grid was 'designed' and built. It worked quite well for 70 or so years without the internet. And I will say I have experienced more blackouts over the past 10 years than I did in total before 1990.

    • Re:has to be asked (Score:5, Informative)

      by Streetlight ( 1102081 ) on Saturday December 31, 2016 @12:17PM (#53584721) Journal
      According to an earlier post the laptop that was allegedly infected was not connected to the electric company's grid control system. That conclusion answered my first question. Any vital utility system should absolutely never have its control system of computers connected to the Internet. If somehow that's the case, those responsible need a very long prison sentence. There also needs to be other security measures to prevent folks having direct access to these control systems from sabotaging them.
      • Re:has to be asked (Score:5, Informative)

        by HornWumpus ( 783565 ) on Saturday December 31, 2016 @02:05PM (#53585195)

        Worked in the industry for a decade. Wrote simulation shells that did short term forecasts based on system conditions, did data reductions etc (e.g. This unit IS going down for unscheduled maintenance, how much will it cost to shut it down RTF now vs after afternoon peak?) Went on to 'tech lead' for significant energy trading/risk management platform. Ran on many traders and grid operators desks...don't ask, won't tell. Did once see a bug because grand total on printable VAR only had room for 10 digits plus sign. Assigned to Brahmin coder, week later I fixed it myself, I digress.

        What you say isn't really possible. What they typically do have is a secure network, which runs operations, staffed with lots of ex-military actual Engineering school grads. That network is being monitored by redundant data integrators which present integrated (by some time interval, usually hours/half hours or minutes, back when I was up to my nose in it) system data to a second less secure (but still as secure as any corporate) network where routine operations run. That server is usually locked down tight, read only from the less secure network; but that is only software. They also like to run diverse OSs, lots of 'big iron' and Unixes and home brewed binary data formats. These things were mostly architected before Windows was common, particularly on the secure side it's still loaded with 'legacy', likely to remain so until they have a complete staff turnover. Old Dilbert with neckbeard flipping a nickel at Wally and telling him to get a better computer, that's the dude.

        Routine operations need access to internet based facilities. To schedule transmission line capacity, trade power, get closing prices from grid operators, weather forecasts and unit availability from neighbors (lots of VPNs). But that part of the operations could more or less crash and burn and it will only cost money (and extra CO2). Operations, more or less, ignores trading at the minute by minute level. Trading gives them trade schedules and operations will try their best. But if 'shit happens' they keep the lights on and let the accountants worry about reconciling to 'what should have happened'. Which is sometimes a bitch of a computational problem, fortunately most everybody involved are engineers and close enough is close enough. Pennies aren't statistically significant; try and explain that to an accountant. Don't recommend it, just say 'not a material difference' and get on with your life, I'm digressing again.

    • Re:has to be asked (Score:4, Informative)

      by Freischutz ( 4776131 ) on Saturday December 31, 2016 @12:28PM (#53584763)

      Why is infrastructure on the public Internet ? It is not like the internet existed when most of the US electric grid was 'designed' and built. It worked quite well for 70 or so years without the internet. And I will say I have experienced more blackouts over the past 10 years than I did in total before 1990.

      Infrastructure does not have to be on the internet to be hacked. The Iranians air-gapped the computers controlling their nuclear centrifuges and Stuxnet still managed to infect and damage them. The interesting thing is that Russian hackers have actually taken down an electricity grid, that of the Ukraine. The Ukrainians brought it back online relatively quickly by manual operation even though their computer control systems remained a mess. The irony of that incident was that the relatively primitive nature of the Ukrainian grid actually worked for the Ukrainians. It is doubtful that the higher tech grids in the west could be brought up that quickly after a major attack. Just because this incident turned out to be an attack of hysteria, I think we can learn from the Ukrainian experience that it pays to be vigilant and just because the US now has a Russophile president who is a paid up member of the Putin fan club does not mean that the Russians will stop probing for weaknesses in US infrastructure systems.

    • by AHuxley ( 892839 )
      Re "Why is infrastructure on the public Internet ?"
      Generational share holders like their profit over maintenance. Owners like to show they can make profits. Reducing expert staff shows managerial skills.
      Removing staff who are in a union is great too.
      The US was happy to see costs in local staff go to profits and not keep staff working on secure separate networks.
      No expert local teams watching over their state or city or town's grid.
      A few lower cost engineers trusted by the state/feds could watch it all
  • by hey! ( 33014 )

    Somebody should have warned us that something like this was possible.

    I mean, clearly if it had been known this was even a possibility, management would have taken effective action to prevent it.

    Because people are rational beings who make logical decisions. I learned that in Economics class and if that's not true then the very principles our society is founded upon would be nothing more than wishful thinking.

  • I receive almost daily scam emails asking me to click on a link. Sometimes it is as if from FedEx, sometimes as if from a bank, etc. Could it be stopped too?
  • Security experts have been warning of possible foreign hacking for decades. But why this sudden spate of "Russia hacked X" stories now? Why not back when our Secretary of State was running an illegal, private, unsecured email server through which she transmitted classified information?

    Simple: The Washington Post wanted Hillary to win the Presidential election, and reminding people how her action made it easier for Russian hackers to gain access to classified information wouldn't have helped her. But publishing it now helps support the false narrative that the Russians were behind the DNC leaks, not disgruntled Democratic Party staffers, and thus supposedly harms President-elect Donald Trump, whom the Washington Post and its employees almost universally loathe. That's the entire reason the story is being written and published now.

    Further reading here and here.

    What do you think the under/over is for MSM "Russian Hacking" stories between now and January 20?

  • by Nyder ( 754090 )

    NSA has failed us again. Instead of protecting America, they are wasting their and our time by mass collecting data on citizens. Instead of making sure exploits are fixed to keep our systems secure, they hold onto them so they can use them against us and other countries.

    If I am to believe this Russian hacking our systems like the Government is pushing, then the blame goes straight on the NSA and those who backed them.

  • Apparently, the operators of the US power grid are using cheaper-than-possible security, i.e. they were basically asking for it. Stupid.

  • Trump thinks Putin is his buddy. Either that or his entire family are a bunch of Russian sleeper agents. In any event Trump thinks he's smart, but he's not -- Putin would love nothing more than to either have the U.S. in his back pocket, or destroy it -- either way he gets his wish, the resurrection of the Soviet Union and everything that implies. Putin, at best, is going to use Trump and his gullibility/greed/lust for power/whatever it is that goes through the head under that bad wig of his, and America is
    • by PPH ( 736903 )

      In any event Trump thinks he's smart, but he's not

      Or perhaps he is. A great real estate developer and dealmaker who has managed to make bundles of money while leaving other investors with the losses from his failed ventures. If you are trying to close the deal on a shithole condo with leaky plumbing in a bad neighborhood, you don't insult prospective buyers. You butter them up by telling them how great they are.

      The jury is still out on Trump. But I wouldn't write him off yet.

  • A code? I suppose we should be grateful there weren't several.

  • Electricity grid penetrates you!
  • by DaMattster ( 977781 ) on Saturday December 31, 2016 @03:58PM (#53585661)
    No pun intended but this comes as no surprise because the software being developed was outsourced to India or H1B Indians who just aren't good software engineers. This fiasco could have been avoided if these energy companies had employed the highly skilled and qualified people in the United States. I personally have been tasked with cleaning up garbage code full of memory leaks that was churned out by WiPro.
  • by Bartles ( 1198017 ) on Sunday January 01, 2017 @09:43PM (#53590541)

    ...with an altered headline and act like they never fucked up in the first place? Fake news reporting fake news.

  • by chicksdaddy ( 814965 ) on Monday January 02, 2017 @11:30AM (#53592283)
    Did anyone bother to notice that this entire thread is based on an inaccurate assertion? The story was NOT retracted. It was CORRECTED - meaning that a piece of inaccurate information in the original story (about the laptop being connected to the ICS/SCADA system) was rewritten to clarify that the computer was not connected to that part of Burlington Electric's network. A retraction would mean WAPO removed the story from its website and disavowed its contents. No such thing happened. In fact, you can still read the story using the link provided in the Slashdot post - a sure sign that it HASN'T BEEN RETRACTED!!! Slashdot should probably RETRACT the incorrect story about the Washington Post's (non-existent) retraction.
