Russian hackers penetrated U.S. electricity grid through a utility in Vermont
Source: Washington Post
A code associated with the Russian hacking operation dubbed Grizzly Steppe by the Obama administration has been detected within the system of a Vermont utility, according to U.S. officials.
While the Russians did not actively use the code to disrupt operations of the utility, according to officials who asked for anonymity in order to discuss a security matter, the penetration of the nations electrical grid is significant because it represents a potentially serious vulnerability. Government and utility industry officials regularly monitor the nations electrical grid because it is highly computerized and any disruptions can have disastrous implications for the function of medical and emergency services.
American officials, including one senior administration official, said they are not yet sure what the intentions of the Russians might have been. The penetration may have been designed to disrupt the utilitys operations or as a test by the Russians to see whether they could penetrate a portion of the grid. Federal officials have shared the malware code used in Grizzly Steppe with utility executives nationwide, a senior administration official said, and Vermont utility officials identified it within their operations.
According to a report by the FBI and the Department of Homeland Security, the hackers involved in the Russian operation used fraudulent emails that tricked their recipients into revealing passwords.
Read more: https://www.washingtonpost.com/world/national-security/russian-hackers-penetrated-us-electricity-grid-through-a-utility-in-vermont/2016/12/30/8fc90cc4-ceec-11e6-b8a2-8c2a61b0436f_story.html
Got a breaking news banner on this one. I can imagine what else they have done.
= new reply since forum marked as read
and look forward to your monthly analysis! 
Happy New Year, in case I don't 'see' you.
a battle of factions of black hats and white hats (possibly on both sides) duking it out. 
(although supposedly this is "tradition"
has nothing to do with the investigations (and the results of such) that are going on by DHS & DOJ. Specifically -
... and the possibility of access to correspondence from users of that laptop with info that may have been related to the utility's other systems, including the grid systems, and associated access to them.
You actually think that they will publicly admit that they fucked up?
Recall Yahoo admitting in September to the hack of 500 million accounts 2 years ago and then suddenly coming back around this month to admit it was over a billion in a different hack 3 years ago.
I.e., it ain't over until it's over and that may take awhile because they are literally going to have to comb through anything and everything related to or connected with that company now that they have the signature to look for. I.e., including employees who may have interacted with that laptop (or as I noted, whether that laptop may have infected a mail server) and confirm if there are any infected home/remote systems that might belong to people who do interact with systems associated with the grid.
The point of this sort of hack being to gain info on system configurations and potential password access, whether the attempt to access is tried or not.
