BURLINGTON, Vt. -- Several states around the country on Saturday asked cybersecurity experts to re-examine state and utility networks after a Vermont utility's laptop was found to contain malware that U.S. officials say is linked to Russian hackers.
The Burlington Electric Department, one of Vermont's two largest electric utilities, confirmed Friday that it had found on one of its laptops the malware code used in Grizzly Steppe, the name the U.S. government has given to malicious cyberactivity by Russian civilian and military intelligence services.
A Burlington Electric Department spokesman said federal officials have told company officials the threat was not unique to them. The FBI and the U.S. Department of Homeland Security said the hackers involved in the Russian operation used fraudulent emails to trick recipients into revealing passwords.
A spokesman for the Homeland Security Department would not say whether any other utilities, organizations or entities had reported similar malware on their systems after the report. The official said any such information would be confidential.
Officials in Connecticut, Massachusetts, New York and Rhode Island said they are more closely monitoring state and utility networks for anything suspicious.
"We specifically have been looking for signatures that match those reported last week by DHS and the FBI related to Russian actors," Connecticut governor's office spokesman Chris Collibee said. "We have not detected any activity matching the reported malware at this time."
In New York, a spokesman said Democratic Gov. Andrew Cuomo directed all state agencies to re-examine their computer systems for any security breaches. Nothing had been found.
The Russians did not actively use the code to disrupt operations, according to officials who spoke on the condition of anonymity to discuss a security matter. But they said the discovery underscores the vulnerabilities of the nation's electrical grid.
An attack on a U.S. power grid has long been a nightmare scenario for top U.S. officials. The National Security Agency and U.S. Cyber Command chief Adm. Michael Rogers have previously warned it's not a matter of if but when attackers will target U.S. power systems.
Officials in government and the utility industry regularly monitor the grid because it is highly computerized and any disruptions can have disastrous implications for the country's medical and emergency services.
Vermont Gov. Peter Shumlin, a Democrat, said his administration has been in touch with the federal government and the state's utilities. He called on federal officials "to conduct a full and complete investigation of this incident and undertake remedies to ensure that this never happens again."
"Vermonters and all Americans should be both alarmed and outraged that one of the world's leading thugs, [Russian President] Vladimir Putin, has been attempting to hack our electric grid, which we rely upon to support our quality-of-life, economy, health, and safety," Shumlin said in a statement. "This episode should highlight the urgent need for our federal government to vigorously pursue and put an end to this sort of Russian meddling."
Burlington Electric noted that it wasn't connected to the grid system and didn't explain how the malware got onto the computer.
The company said U.S. government authorities alerted American utilities about the malware code Thursday in a report released when President Barack Obama announced the U.S. response to election hacking. Obama ordered sanctions on Russian intelligence agencies, closed two Russian compounds and expelled 35 diplomats the U.S. said were really spies.
Rep. Peter Welch, a Democrat from Vermont, said the malware proves Obama's response was warranted.
"This attack shows how rampant Russian hacking is. It's systemic, relentless, predatory," Welch said in a statement. "They will hack everywhere, even Vermont, in pursuit of opportunities to disrupt our country."
The Washington Post first reported on the Vermont utility's discovery of the malware.
Russia's Rossiya state television channel said the newspaper provided no confirmation Russia was involved, saying the report spoke only about the identification of malicious software code that Washington previously concluded had been used by the Russian intelligence services in the cyberattack on U.S. political institutions.
President-elect Donald Trump has agreed to meet with U.S. intelligence officials this week to discuss allegations surrounding Russia's online activity.
Trump, speaking to reporters Saturday before his annual New Year's bash at his Mar-a-Lago resort in Palm Beach, Fla., said he knows a lot about hacking and that it's "a very hard thing to prove."
He added that anyone who wants to handle something important and keep it private should "write it out and have it delivered by courier, the old-fashioned way. Because I'll tell you what -- no computer is safe. I don't care what they say."
Information for this article was contributed by Deb Riechmann, Jacob Pearson, Jennifer McDermott, Holly Ramer and Christina Paciolla of The Associated Press; and by Juliet Eilperin, Adam Entous, Alice Crites and Carol Morello of The Washington Post.
A Section on 01/01/2017