‘Russian malware found on laptop of energy network operator in US’


Malware code from Russian hackers has been found on a laptop belonging to a power grid operator in the US state of Vermont. The Washington Post reports this, citing anonymous sources.

It is said to be the malware that the FBI described last week in its technical report on Russian hacking activities in the US. The newspaper’s US government sources say the code was found on a laptop that was disconnected from the infrastructure. Once the malware was discovered, the laptop was further sequestered and the discovery was reported to US authorities on Friday. It appears that the malware was not actually used for an attack. Vermont immediately launched an investigation to find out how the infection could have taken place and whether there have been other infections.

The malware is said to be part of the ‘Grizzly Steppe’ spearphishing campaign that Russia has carried out. A Russian team allegedly sent malicious links to more than 1,000 recipients, including US government officials, through a targeted phishing campaign in the summer of 2015. To run the campaign and to host malware, the group used legitimate domains, such as those of organizations and educational institutions.

On Thursday, President Obama announced that the US is imposing sanctions on Russia as a result of other hacks carried out by Russia. As part of the sanctions, 35 Russians have to leave the country. At first they appeared to be diplomats; later it turned out that they were employees of Russian intelligence services. In addition, the US closed two Russian buildings in New York and Maryland that were being used for “intelligence purposes.” According to Obama, these are the first sanctions and further measures will follow shortly.
