31 Dec '16 17:12
The company released a statement on Friday night saying that the malware code had been detected during a scan of a single company laptop. However, soon after publication of the Post’s story, it was revealed that the malware had only infected a utility company laptop that had no access whatsoever to the electrical grid.
Naturally, the US media promptly ran with the story as further evidence of Russian hacking of critical US infrastructure and national interests: the WaPo wrote "Russian operation hacked a Vermont utility, showing risk to U.S. electrical grid security, officials say" (originally the article's title was "Russian hackers penetrated U.S. electricity grid through a utility in Vermont, official say", which we now know was simply fake news), and the AP added "Vermont Utility Finds Malware Code Attributed to Russians."
According to some cybersecurity specialists, the code came from an outdated Ukrainian hacking tool. As RT notes, IT specialists that have analyzed the code and other evidence published by the US government are questioning whether it really proves a Russian connection, let alone a connection to the Russian government. Wordfence, a cybersecurity firm that specializes in protecting websites running WordPress, a PHP-based platform, published a report on the issue on Friday.
Wordfence said they had traced the malware code to a tool available online, which is apparently funded by donations, called P.A.S. that claims to be “made in Ukraine.” The version tested by the FBI/DHS report is 3.1.7, while the most current version available on the tool’s website is 4.1.1b.
“One might reasonably expect Russian intelligence operatives to develop their own tools or at least use current malicious tools from outside sources,” the report says.
The second part of the analysis deals with the list of IP addresses provided by the US agencies. The report says they “don’t appear to provide any association with Russia” and “are probably used by a wide range of other malicious actors.”
So let's get this straight: NO penetration of the grid, outdated malware and NO evidence linking the incident to the Russkies. Ouch!
http://www.zerohedge.com/news/2016-12-31/russian-hackers-said-penetrate-us-electricity-grid-using-outdated-ukrainian-malware