Please rotate your screen to portrait for optimal viewing experience

A Vermont electric company found a Russian malware code on one of its laptops by Circa News
Security & Threats

An electric company in Vermont announced Friday that it found a Russian malware code on one of its laptops, according to CNN

Burlington Electric said in a statement on the company's Facebook page that they found the malware code associated with the Russain hacking operation, Grizzly Steppe, after U.S. utility companies received an alert from the Department of Homeland Security. 

"We acted quickly to scan all computers in our system for the malware signature," the company said in a statement. "We detected the malware in a single Burlington Electric Department laptop not connected to our organization’s grid systems."

Burlington Electric added that it's working with federal officials to prevent any further attempts to infiltrate the company's utility systems.

The utility company serves 19,600 customers in Vermont. 

Sen. Patrick Leahy (D-Vt.) said in a statement that he and his staff were briefed on the attempts to penetrate the electrical grid by Vermont State Police on Friday evening. 

Leahy said this incident goes beyond "hackers having electronic joy rides," calling it a "direct threat" to Vermont. 

"This is now about trying to access utilities to potentially manipulate the grid and shut it down in the middle of winter."

Sen. Patrick Leahy

Vermont Gov. Peter Shumlin called on federal officials to conduct a "full and complete" investigation of the incident. 

The FBI posted information about the malware code Thursday, calling it "part of an ongoing campaign of cyber-enabled operations directed at the U.S. government and its citizens."

Homeland Security spokesman Todd Breasseale told CNN hackers were specifically targeting government organizations and critical infrastructure entities like the Vermont utility company. 

U.S. officials told CNN the attack raises concerns because a massive 2015 attack on six power companies in Ukraine wiped out power to 103 cities. 

The malware found in Vermont raises questions of whether U.S. industrial facilities may have similar vulnerabilities.