Even though initial reports that Russian hackers had penetrated the United States power grid by compromising a utility in Vermont were widely retracted Tuesday, U.S. Sen. Richard Blumenthal continued his call for Congress to establish a “select committee” to probe deeper into Russia’s actions.
“Vermont was really a blip,” said Blumenthal, referring to widespread criticism of a Washington Post story on Friday stating a Vermont utility’s laptop was found to contain malware U.S. officials initially thought could be linked to Russian hackers.
The Post story said The Burlington Electric Department, one of Vermont’s two largest electric utilities, confirmed it had found on one of its laptops the malware code used in Grizzly Steppe, the name the U.S. government has given to malicious cyber activity by Russian civilian and military intelligence services.
But on Tuesday, the utility company issued a statement, saying, in part: “On Thursday night, the Burlington Electric Department was alerted by the Department of Homeland Security (DHS) of a malware code used in Grizzle Steppe, the name DHS has applied to recent malicious cyber activity.
“We acted quickly to scan all computers in our system for malware signature. We detected suspicious Internet traffic in a single Burlington Electric Department computer not connected to our organization’s grid systems. We took immediate action to isolate the laptop and alerted federal officials of this finding.”
The statement went on to say: “Federal officials have indicated that this specific type of Internet traffic also has been observed elsewhere in the country and is not unique to Burlington Electric. It’s unfortunate that an official or officials improperly shared inaccurate information with one media outlet, leading to multiple inaccurate reports around the country.”
Blumenthal said while the Vermont story about Russian hacking might be overblown, or totally false, “what isn’t false is the cyber attack done on the DNC (Democratic National Committee).”
Those hacks resulted in the public release of thousands of stolen emails, many of which included damaging revelations about the Democratic Party and former Secretary of State Hillary Clinton, the party’s nominee.
There is now some dispute over whether the Russian government was behind those hacks because the information in the “Joint Analysis Report” (JAR), released on Dec, 29, contains nothing of substance pointing to Russia as responsible for any of the attacks.
Last week, President Barack Obama said, “All Americans should be alarmed by Russia’s actions,” referring to hacks of the Democratic National Committee. Obama also cited an “unacceptable level of harassment” of American diplomats by Russian security services and police in Moscow.
The president issued an executive order immediately expelling 35 Russian diplomats from the U.S. and the closing of two Russian compounds in the U.S.
Blumenthal said Obama’s actions were a “good first step, but Congress needs to do more.”
Doing more, he said, means forming the select committee, which Blumenthal said should and would have support from both Democrats and Republicans. That committee, the senator added, should also take measures that “pass legislation that would embody sanctions – hitting Russia in the wallet where it hurts.”
Blumenthal also has some advice for President-elect Donald Trump, who has a cozy relationship with Russian President Vladimir Putin.
“The President-elect needs to take very seriously the overwhelming evidence – proof – that Russia attacked the United States of America with its hacking,” said Blumenthal. “He is doing the nation a disservice by dismissing” the evidence, said Blumenthal.
Trump has expressed continued skepticism over whether Russia was responsible for computer hacks of Democratic party officials.
Arthur House, who was recently appointed Connecticut’s Chief Cyber Security Risk Officer by Gov. Dannel P. Malloy, said while the Vermont incident may have been overblown it could help serve as a “wake up call” for states such as Connecticut.
“The threat is real,” House, who recently visited the Ukraine to see firsthand how hackers were able to take a power station there on Dec. 23, 2015, leaving 230,000 residents in the cold and dark, said.
But House added he is less concerned about the danger a superpower such as Russia poses to the United States, or vice versa, than he is to what he termed as “freelancers or cyber mercenaries” who don’t have to fear the type of retribution for their actions that a country does.
“You haven’t seen the kind of belligerent language from Russia that might accompany such a cyber attack,” House said. “Frankly, it is not in their interests, nor is it in ours to take such aggressive action.
“I am more concerned about someone who has much less at stake and may be getting well paid to take such actions,” continued House.
One who doesn’t buy into the seriousness of the threat is Connecticut Republican Party Chairman JR Romano.
Romano said Blumenthal “is just playing politics.”
“Blumenthal and some other Democrats trying to de-legitimize Donald Trump.”
Romano said Blumenthal was being hypocritical by talking of the dangers of hacking.
“What about his vote on the deal with Iran,” asked Romano, speaking of Blumenthal’s support of Obama’s nuclear agreement in 2015, which called for lifting of sanctions against Iran in exchange for Iran scaling back its weapons programs.
Romano added that Democrats should also be questioning Obama for his recent decision to expel Russian diplomats from the United States “while putting our diplomats in Russia in harm’s way,” by not ensuring their safety at the same time.