The Washington Post Publishes More Fake News

Published 21 April 2017 | 1,548 words | Categories: Journalism, Fact Check

In December 2016, The Washington Post published an article with an alarming headline: "Russian hackers penetrated U.S. electricity grid through a utility in Vermont, officials say". They soon amended the headline, probably because the initial headline was baseless. The new version is still sensationalist: "Russian operation hacked a Vermont utility, showing risk to U.S. electrical grid security, officials say"

The contents of the article - and contents of other articles on the same topic - do not echo the sensationalist claims of the headline. In some cases, the headline is actually refuted. Unfortunately, this is becoming all too common for The Washington Post. Let's look at their "reporting" and why it's Fake News:

A code associated with the Russian hacking operation dubbed Grizzly Steppe by the Obama administration has been detected within the system of a Vermont utility, according to U.S. officials.

What does "code" mean here? Suspected malware? Either way, it wasn't actually within the system, and did not present any immediate threat. The code was found on a personal laptop not connected to company infrastructure. And who are these "U.S. officials"? They're certainly not representatives of the affected Vermont utility - why are they giving statements to The Post? What do they know, and how do they know it?

While the Russians did not actively use the code to disrupt operations, according to officials who spoke on the condition of anonymity to discuss a security matter, the discovery underscores the vulnerabilities of the nation’s electrical grid. And it raises fears in the U.S. government that Russian government hackers are actively trying to penetrate the grid to carry out potential attacks.

"The Russians" is meaningless conjecture. It's too early to know who was responsible. Maybe someone accidentally clicked a suspicious link while using the laptop. "Did not actively use the code to disrupt operations" is the most important part of this sentence. We don't know what the "code" was supposed to do, but it wasn't even present within the Vermont electrical grid, and posed no known threat.

And as usual in recent times, the Post again cites anonymous officials. What are their credentials? Do they know anything about this recent "hack"? Or are they bystanders with no knowledge of the situation guessing at what could have happened? Several articles published this year by The Washington Post had misleading or fabricated information. It's almost impossible to trust them to properly vet their "anonymous sources." (If these sources exist, and aren't made up. It wouldn't be the first time. While keeping sources anonymous can be important, and has its place in journalism, we should understand why these particular sources are cited.) It's also odd that both authors of this article are D.C. reporters, one being the Post's White House correspondent. Do they not have someone in Vermont?

Burlington Electric said in a statement that the company detected a malware code used in the Grizzly Steppe operation in a laptop that was not connected to the organization’s grid systems. The firm said it took immediate action to isolate the laptop and alert federal authorities.

Did anyone from The Washington Post talk to the company? It looks like they just read the public statement issued by Burlington Electric. This is a huge misstep on the Post's part. Why not wait for "federal authorities" to investigate the situation before making alarmist unsubstantiated claims? The Post could have reported only the facts: that someone found a laptop with malware, and alerted the authorities. I guess a "just the facts" report would be boring. That'd explain why the Post slapped together a jumble of irrelevancies and false information, with a ridiculous headline on top.

This article then prints some embarrassing quotes from the Vermont governor. They're a failure of foreign policy knowledge (because the governor is publicly insulting a foreign leader based on guesswork). His statement was, overall, a meaningless and vague call to action aimed at the federal government. The governor did not say anything about Vermont taking measures to protect its utilities. The governor seems to erroneously believe only the federal government can do something about "hacking."

American officials, including one senior administration official, said they are not yet sure what the intentions of the Russians might have been. The incursion may have been designed to disrupt the utility’s operations or as a test to see whether they could penetrate a portion of the grid.

This is remarkable because we don't know who was responsible for the "code" found on a laptop, or what its purpose was. And as mentioned, what does an anonymous "senior administration official" know about the situation in Vermont?

Vermont Public Service Commissioner Christopher Recchia - who was not interviewed by The Washington Post  - said "The grid is not in danger. The utility flagged [malware], saw it, notified appropriate parties and isolated that one laptop with that malware on it."

This week, officials from the Department of Homeland Security, FBI and the Office of the Director of National Intelligence shared the Grizzly Steppe malware code with executives from 16 sectors nationwide, including the financial, utility and transportation industries, a senior administration official said.

This is meaningless because the joint FBI-DHS report does not talk about "the Grizzly Steppe malware code," whatever that means. The report talked about a number of things and said "Grizzly Steppe" was a label referencing miscellaneous "malicious cyber activity" which could possibly be attributed to "Russian civilian and military intelligence Services." That's a very basic failure on the part of The Washington Post - they're citing the recent FBI-DHS report but fail to use the information from the report properly. (The report has also been heavily criticized, with one cybersecurity expert calling it meaningless and another finding a glaring error.)

In the FBI-DHS report, they discussed a number of malware programs. The blueprints to some of them are available online. Anyone who knows where to look can create and distribute that malware, which makes attribution especially tricky. Even if Russians created the malware, once it's "out in the wild," then literally anyone can use it. Russian hackers will not have exclusive use of that malware. If you find evidence of malware linked to "Grizzly Steppe" on your computer, standing up and shouting "Russia did it" is about as meaningful as saying "aliens did it." At least until a proper investigation can be done.

Another senior administration official, who also spoke on the condition of anonymity to discuss security matters, said in an email...

Here, The Washington Post quotes one sentence which is a vague rehash of a line from the public DHS-FBI report. There's no point to making this anonymous unless the Post is making stuff up. It's irrelevant and repetitive.

President-elect Donald Trump has repeatedly questioned the veracity of U.S. intelligence pointing to Russia’s responsibility for hacks in the run-up to the Nov. 8 election.

At this time, there is no evidence of attribution other than some people saying "we're pretty sure the Russian government gave Democrat-affiliated emails to Wikileaks." A claim which Wikileaks and others have said is false. This is also assuming any alleged hacks were successful.

Obama has been criticized by lawmakers from both parties for not retaliating against Russia before the election. But officials said the president was concerned that U.S. countermeasures could prompt a wider effort by Moscow to disrupt the counting of votes on Election Day, potentially leading to a wider conflict.

You shouldn't retaliate until you have facts. Unfortunately, we still don't have those facts. Just a shoddy DHS-FBI report which uses vague already-public information from private companies. And the White House issuing a statement saying "Russia did it, trust us," as if the government has been transparent enough to deserve that trust. Plus, changing vote counts isn't even possible in some states, especially those with paper ballots. The Obama Administration also said (in November) that "...we believe our elections were free and fair from a cybersecurity perspective." (NYT) Whether or not people believe them, that's subjective, but there isn't any evidence Russia "hacked" the actual votes in 2016's election.

Officials said Obama also was concerned that taking retaliatory action before the election would be perceived as an effort to help the campaign of Democratic presidential nominee Hillary Clinton.

This doesn't even make sense. Just look at it.

Since at least 2009, U.S. authorities have tracked efforts by China, Russia and other countries to implant malicious software inside computers used by U.S. utilities. It is unclear if the code used in those earlier attacks was similar to what was found in the Vermont case.

So why is the Post so certain Russia is responsible, if they point out how multiple countries could be at fault?

This entire article is Fake News. No one "hacked the U.S. electric grid."

Things from other sources

"Whoever leaked this compromised the entire investigation. Even if this was some massive hack, you just told the world you're looking for it." - SwiftOnSecurity

"Just to be clear: The company and authorities should be taking this seriously. But it was publicly reported way too soon with no confidence." - SwiftOnSecurity

Burlington Electric Official Statement

"Washington Post named Burlington Electric and GMP as the likely targets of the hack, but didn't get comment before publishing erroneous story" - Taylor Dobbs

The malware could be from an older infection.

No other utilities in Vermont found issues.

Back To Top