The suspicious code detected last week on a Vermont utility laptop that prompted fears of a Russian cyberattack was not linked to a Kremlin hacking effort, new evidence suggests.
Instead, the internet activity appears to have been caused by a Burlington Electric Department employee checking his Yahoo email account, The Washington Post reported Tuesday, citing officials close to the investigation.
The employee’s activity reportedly set off an alert that his computer had connected to a suspicious IP address associated with the Russian hacking operation Grizzly Steppe, which Burlington Electric said it immediately reported to federal authorities.
But officials now say the traffic associated with the IP address was not necessarily malicious and could be found elsewhere in the country, according to The Post.
Investigators are still examining the laptop and did find a Neutrino exploit kit – a software package known for delivering malware – but it doesn’t appear to be connected with Grizzly Steppe, The Post reported.
The Post had first reported that the country’s electric grid had been hacked by a Russian operation through the Vermont utility laptop, but it later issued a correction that said the laptop had not been connected to the grid.
Fears of Russian cyberattacks have been percolating since US intelligence agencies attributed the hacking of the Democratic National Committee during the election to Russian interference. President Barack Obama last week announced sanctions against Russia in retaliation.
President-elect Donald Trump, however, has consistently downplayed the allegations against the Russians, arguing that it is “very hard” to determine who hackers are unless they’re caught in the act and that it’s “time to move on.”