Washington Post backtracks on frenzied reporting of Russian hack attack against power grid

Don’t panic.

Washington Post backtracks on frenzied reporting of Russian hack attack against power grid

Can everyone puh-leeze calm down?

On December 30 2016, the Washington Post ran what sounded like a pretty serious story entitled "Russian hackers penetrated U.S. electricity grid through a utility in Vermont, U.S. officials say".

Washington Post

In the current climate of claims that Russian-backed hackers may have meddled with the US election by leaking hacked documents and emails from Hillary Clinton's campaign team, a story like that is likely to get a lot of interest.

Shame then that it wasn't true.

As Burlington Electric revealed in a public statement, the truth was that they detected suspicious activity on a single laptop computer which was not even connected to its grid systems.

Well, whoopee-do. Finding a malware alert on a laptop is hardly breaking news.

Smarting slightly in the light of reality and criticism from computer security experts, the Washington Post revised its story, giving it a new headline: "Russian operation hacked a Vermont utility, showing risk to U.S. electrical grid security, officials say".

Washington Post revised article

A few days have passed, and the Washington Post has published a new article on the ongoing investigation into the malware found on a single unconnected laptop.

This latest article doesn't help fuel the dramatic scenario the Washington Post had earlier presented that the power grid is being targeted by the Kremlin's finest hackers.

Washington Post

The headline? "Russian government hackers do not appear to have targeted Vermont utility, say people close to investigation."

Quite a turnaround there.

Read a little further, and you can see that it's truly ridiculous that the Washington Post's original claims should ever have been taken so seriously (my emphasis):

An employee at Burlington Electric Department was checking his Yahoo email account Friday and triggered an alert indicating that his computer had connected to a suspicious IP address associated by authorities with the Russian hacking operation that infiltrated the Democratic Party. Officials told the company that traffic with this particular address is found elsewhere in the country and is not unique to Burlington Electric, suggesting the company wasn’t being targeted by the Russians. Indeed, officials say it is possible that the traffic is benign, since this particular IP address is not always connected to malicious activity.

Sheesh.

Let's not be naive. I have no doubt that Russia is hacking American companies and organisations. But similarly I have no doubt that America is doing the same against companies and organisations in foreign nations, as are the Chinese, the Brits and countless others.

That's just what countries do these days to gather intelligence on each other, and potentially cause disruption. It's business as usual.

And alongside such state-sponsored hacking there are also a huge number of attacks perpetrated by organised criminal gangs, with little interest in politics but plenty of interest in stealing data, filling their pockets with cash, and commandeering computers to help them with their crimes.

We don't know who might have infected the single laptop at Burlington Electric. But what we do know is that they were quite possibly not targeted, and that it's a big mistake to jump to quick conclusions, or to present such incidents as being much serious than they really are.

Tags: , , , ,

Smashing Security audio podcast
Check out "Smashing Security", the new weekly audio podcast, with Graham Cluley, Vanja Svajcer, and Carole Theriault.

"Three people having fun in an industry often focused on bad news" • "It's brilliant!" • "The Top Gear of computer security"

Latest episode:

Listen now

Subscribe to the free GCHQ newsletter

, , , ,

Leave a reply

9 Comments on "Washington Post backtracks on frenzied reporting of Russian hack attack against power grid"

Notify of
avatar
Sort by:   newest | oldest | most voted
Phil Potts
Visitor
Phil Potts

"Shame then that it wasn't true."

Similar to the reaction of those who wished so much that the Duke lacrosse team had committed the crimes they were falsely accused of. As one mainstream editor lamented:

"The narrative was right, but the facts were wrong".

Oh, for objective journalism!

Paul
Visitor
Paul

That turn of phrase surprised me too, but I think I will give GC the benefit of the doubt – it's a common turn of phrase to lament the inaccuracies, and NOT to be taken that Graham wishes the hack WAS state sponsored by the Kremlin!

graphicequaliser
Visitor
graphicequaliser

He could also mean that "it's a shame on them for reporting inaccuracies"

Tom Smith
Visitor
Tom Smith

Why is it, Paul, you'd be inclined to give "GC" the "benefit of the doubt? That "it's a shame" comment is likely revealing about Mr. Cluley's frame of reference. This is not the first time that he has "reported," often breathlessly, about this or that perceived misdeed of the US. When called out for his political – and perhaps cognitive – biases, he simply takes refuge in the words of his banner that he provides "security news, and opinions."

Worth keeping this in mind when you review the postings in this blog. Much useful, but none so good that you can separate your analytical, objective brain from the embedded wishful thinking.

Richard
Visitor
Richard

Who still uses Yahoo email?

Etaoin Shrdlu
Visitor
Etaoin Shrdlu

Not actually a mistake from their point of view. I mean, clearly incorrect and a bit embarrassing, (if people notice), but a big boost in traffic and advancing their political agenda:

"WashPost Is Richly Rewarded for False News About Russia"

https://theintercept.com/2017/01/04/washpost-is-richly-rewarded-for-false-news-about-russia-threat-while-public-is-deceived/

wpDiscuz