Burlington grid, customers safe, utility says

Joel Banner Baird
Burlington Free Press
An engineer for the Burlington Electric Department, navigates the new interactive schematic of Burlington's power grid in this 2013 photo.

Apparent links to Russian-based hackers on a Burlington Electric Department computer were discovered Friday as part of ongoing, routine vigilance, according to general manager, Neale Lunderville.

Lunderville said Saturday that evidence of internet traffic associated with Grizzly Steppe, a notorious distributor of malware, was disturbing — but did not pose a threat to BED's highly computerized grid system and its customers.

Malware — stealth software designed to disable computers and cyber networks — has emerged as a real threat to utilities worldwide, Lunderville said.

But, he added, federal investigators have so far found "no information out there that suggests BED has been targeted."

The U.S. Department of Homeland Security alerts BED and other utilities on a near-constant basis for potential cyber-threats, he added.

In addition to federal help in identifying threats to service and the privacy of ratepayers, most utilities —including Burlington's — use computer systems that are disconnected from the internet, Lunderville said.

Federal investigators red-flagged the latest suspicious code from Grizzly Steppe on Thursday evening.

Burlington officials scanned the BED system and isolated the code on a laptop that was not connected to the utility's internal network, according to the utility.

A bulletin from the Department of Homeland Security's Computer Emergency Readiness Team in October describes Grizzly Steppe as a joint project by Russian civilian and military intelligence services, "part of an ongoing campaign of cyber-enabled operations directed at the U.S. Government and private sector entities."

Subsequent federal investigations have linked Grizzly Steppe to efforts to disrupt the Democratic Party.

State officials said Friday the traces of malware in Burlington seemed to have posed no risk to the municipal utility, nor to the broader state electric grid.

Burlington Electric General Manager Neale Lunderville speaks at a news conference on Sept. 5, 2014.

 

 

 

 

 

 

 

Rough-and-tumble routine

Lunderville said BED has encountered viruses before, but none that warranted the present level of scrutiny.

Many details of the federal cyber-investigation remain confidential, he added.

But there's an element of routine in the rough-and-tumble landscape of malware (which includes spyware, ransomware and self-replicating computer viruses), said Randy Norris, a Colchester-based internet-security expert.

In information technology, Norris said, "this happens every day."

Without actually examining the scrap of code that was found on the BED's laptop it's impossible to determine whether it was a file capable of "phoning home to get instructions" — establishing a connection with its creators, he continued.

Ambitious malware coders (likely sponsored by the U.S. and Israel), for example, were able to override controls at Iran's uranium-enrichment facilities about a decade ago, creating a great deal of damage.

More commonly, malware is downloaded as an unfortunate by-product of internet downloads, he said.

Businesses, agencies and utilities typically maintain a secure "air-gap" — a technological separation —  between public and proprietary systems, Norris added.

An advanced, "smart" electric meter in Burlington collects, records and transmits power-use data as part of the city's increasingly interactive grid.
Photographed on Saturday, Dec. 31, 2016.

 

 

 

 

 

 

Seeking a sense of proportion

A systems air-gap is in place at BED, Lunderville said, "and going forward we will continue to monitor our systems closely in coordination with federal officials and remain ever vigilant."

On Friday, Sen. Patrick Leahy, D-Vt, issued a statement on the incident:

"State-sponsored Russian hacking is a serious threat, and the attempts to penetrate the electric grid through a Vermont utility are the latest example," Leahy wrote.

"This is beyond hackers having electronic joy rides — this is now about trying to access utilities to potentially manipulate the grid and shut it down in the middle of winter," the senator continued. "That is a direct threat to Vermont and we do not take it lightly."

A statement released Saturday afternoon by BED said the sort of suspicious internet traffic it encountered recently "has been observed elsewhere in the country and is not unique to Burlington Electric. It's unfortunate that an official or officials improperly shared inaccurate information with one media outlet, leading to multiple inaccurate reports around the country."

Smart-grid, in process

Efforts to modernize Vermont's electric grid have accelerated in the past decade.

The goal: earlier detection of fluctuations and problem circuits; preventative diagnosis of vulnerable equipment; more widely dispersed generation of renewable energy; and greater resilience to natural and man-made catastrophe.

A federal matching grant of $69 million was awarded to Vermont's electric transmission and distribution utilities to invest in "smart-grid" technologies, including more real-time monitoring of the lines.

Another $1.5 million in federal spending created a partnership between Sandia National Laboratories and University of Vermont to develop cyber-security strategies for the emerging grid.

This story was first posted online Dec. 31, 2016.

Contact Joel Banner Baird at 802-660-1843 or joelbaird@freepressmedia.com. Follow him on Twitter @VTgoingUp.