Tuesday, January 3, 2017

The Washington Post and Their "Electrical Grid" Scare

On the Friday before New Year's Eve, the Washington Post published an article with this headline:
"Russian operation hacked a Vermont utility, showing risk to U.S. electrical grid security, officials say."  

Many on the political left, still reeling from the alleged Russian hack of the Hillary campaign, went into full OMG mode.

However, that story was just "fake news" from one of this country's most-read and left-leaning newspapers. In fact that original story has now had an intro added stating the following: 
"Editor’s Note: An earlier version of this story incorrectly said that Russian hackers had penetrated the U.S. electric grid. Authorities say there is no indication of that so far. The computer at Burlington Electric that was hacked was not attached to the grid."
Even so, there's more to the story than what was stated in the "Editor's Note". The computer they are talking about is a laptop. The malware that the Russians apparently infected this computer with was a "Trojan" program, called Neutrino, that can be used either to extract data from that computer, and that computer only, or to hold that computer hostage for a ransom. Because it was a Trojan program, it was not at all likely that it would be of any danger to that power facility, even if the laptop was connected to its computers. Note this comment to that effect from the McAfee anti-virus website on the Neutrino malware:
"This is a Trojan detection. Unlike viruses, Trojans do not self-replicate. They are spread manually, often under the premise that they are beneficial or wanted. The most common installation methods involve system or security exploitation, and unsuspecting users manually executing unknown programs. Distribution channels include e-mail, malicious or hacked Web pages, Internet Relay Chat (IRC), peer-to-peer networks, etc."
So, it is highly likely that whoever owned the laptop took some action that downloaded Neutrino, such as opening a spam email. Even if the country of origin might be Russia, the target probably wasn't that electrical utility's computer system, nor did it originate from the Russian government. In fact, it is highly possible that you may have such malware on your own computer, and I doubt you're connected to some power plant in America. The way it is activated is by manually running a Java script that was placed on your computer by opening an attachment to an email or downloaded video.

So, what's the real story behind this fake story? I think it was simply another attempt to discredit Trump. Another attempt to further the story that Putin is a villain. He stole our election and he now wants to create havoc on our electrical systems. Isn't he the guy that Trump is best buddies with? Therefore, by extension, Trump is someone we can't trust.

My hat is off to the Chicago Tribune for exposing this fraud.

References:

Russian operation hacked a Vermont utility, showing risk to U.S. electrical grid security, officials say: https://www.washingtonpost.com/world/national-security/russian-hackers-penetrated-us-electricity-grid-through-a-utility-in-vermont/2016/12/30/8fc90cc4-ceec-11e6-b8a2-8c2a61b0436f_story.html?utm_term=.cf647293248f

Chicago Tribune: Vermont utility apparently not a target of Russian hacking:  http://www.chicagotribune.com/news/nationworld/ct-russian-hackers-vermont-utility-20170103-story.html

McAfee: Neutrino.e Malware: Overview, Characteristics, Symptoms, Method of Infection, and Removal: http://www.mcafee.com/threat-intelligence/malware/default.aspx?id=9609542

pb



