A recent cybersecurity conference at Champlain College in Burlington discussed how companies should respond to cyber threats. In a case study highlighting how to deal with reporters after a hacking, officials from the FBI and Burlington Electric Department discussed how they handled widely publicized reports that the utility had been hacked by Russians, when it wasn’t.
In December the Burlington Electric Department scanned all its computers following a Department of Homeland Security malware alert. Officials isolated a laptop and filed a report with federal authorities that the off-line computer might be infected. Burlington Electric General Manager Neale Lunderville told forum participants it was supposed to be a routine report. “This is the laptop. (laughter) Here’s the laptop that launched a thousand bad headlines for BED. We intercepted the traffic. Our IT team went downstairs literally immediately and pulled this out of the dock and preserved it. At no point was it ever touching our grid system. So this was on our business network. It’s a completely separate network.”
Lunderville says they had talked to FBI and other federal representatives early on December 30th to schedule a routine follow-up investigation after the New Year’s holiday. But Lunderville recalls that Washington had just expelled Russian diplomats and tensions over hacking were rising. “Somewhere in Washington our form was floating around down there. But we think it also might have went into the White House. And at the White House there was quote a senior administration official who looked at this report and not understanding anything about it said ‘Oh My God the Russians have infiltrated the electric grid!’ The White House political reporter for the Washington Post banged out a story. They posted the story at 7:55and the first phone call that we got was at 8:05.”
Within an hour utility officials were working to get the word out that the department had not been hacked. Burlington Electric Director of Communications Mike Kanarik is a former federal prosecutor. He told the crowd that businesses should not hesitate to work with the media. He said in this case it was critical for a quick response so that the community knew that nothing had actually happened. “In this instance when you’re flooded with media inquiries what you want to do is put together a statement and try to get the facts out there accurately and try to get them out there quickly. We wanted to be communicating with everybody to make sure that the right story was out there, the accurate story.”
FBI Special Agent Jennifer Vander Veer, the regional cybersecurity agent, reviewed the initial report from Burlington Electric and had planned a site visit the following week, having found that it was not an emergency situation. But after the hacking story exploded she worked onsite with utility officials. “It took a little while but because this was suddenly the most popular device in the country we had some very, very smart people go through it with a very, very fine tooth comb. So multiple agencies have looked at that thing and we did come to the conclusion that the Russians did not hack Burlington Electric.”
Neale Lunderville: “They found nothing. I mean we could plug it in right now and use it.”
Additional audio from the Champlain College Understanding Digital Threats Case Study: Burlington Electric Department and Managing the Media can be found here: