The Washington Post first said Russian hackers infiltrated America’s power grid, then they changed the story to say only one laptop was the victim of a “Russian hacking operation.” But now the Post reports that Russia was not at all involved with a cyberattack on a Vermont electrical utility company.
The original story published Friday said, “Russian hackers penetrated U.S. electricity grid through a utility in Vermont, officials say.” Post reporters Juliet Eilperin and Adam Entous wrote, “A code associated with the Russian hacking operation dubbed Grizzly Steppe by the Obama administration has been detected within the system of a Vermont utility, according to U.S. officials.”
The Post published this story without first reaching out to Vermont utility companies and just relying on the word of U.S. government officials.
A statement was subsequently released by the Burlington Electric Department that said, “Last night, U.S. utilities were alerted by the Department of Homeland Security (DHS) of a malware code used in Grizzly Steppe, the name DHS has applied to a Russian campaign linked to recent hacks.” It added, “We detected the malware in a single Burlington Electric Department laptop not connected to our organization’s grid systems.”
The Post then changed its story to say, “Russian operation hacked a Vermont utility, showing risk to U.S. electrical grid security, officials say.” The paper also added an editor’s note which said, “An earlier version of this story incorrectly said that Russian hackers had penetrated the U.S. electric grid. Authorities say there is no indication of that so far. The computer at Burlington Electric that was hacked was not attached to the grid.”
This version of the story was covered by several other outlets. The Los Angeles Times wrote, “Russian malware found on laptop at Vermont electric utility.” The Boston Herald said, “Bay State utility cos. on alert after suspected Russian hack in Vermont.” And The Guardian published, “US-Russia tensions rise as malware found at Vermont electric utility.”
These outlets quick to spread the narrative of rising American tensions with Russia would all be proven to be wrong, according to the Post’s updated story Monday. Ellen Nakashima and Juliet Eilperin wrote, “As federal officials investigate suspicious Internet activity found last week on a Vermont utility computer, they are finding evidence that the incident is not linked to any Russian government effort to target or hack the utility, according to experts and officials close to the investigation.”
The Post story goes on to say that an employee was checking his email when an alert was triggered “indicating that his computer had connected to a suspicious IP address associated by authorities with the Russian hacking operation that infiltrated the Democratic Party.”
“Officials told the company that traffic with this particular address is found elsewhere in the country and is not unique to Burlington Electric, suggesting the company wasn’t being targeted by the Russians. Indeed, officials say it is possible that the traffic is benign, since this particular IP address is not always connected to malicious activity,” the Post added.
The incorrect Post story highlights the difficulty of reporting on the alleged Russian hacking that the government has refused to release evidence about. The Post writers continued to uncritically refer to a “Russian hacking operation” in their updated Monday story.
Nakashima and Eilperin also wrote, “The murkiness of the information underlines the difficulties faced by officials as they try to root out Grizzly Steppe and share with the public their findings on how the operation works.” They added without irony, “Authorities also were leaking information about the utility without having all the facts and before law enforcement officials were able to investigate further.”