Grizzly Steppe: 5 Fast Facts You Need to Know


A federal government report pinned election-related hacks on Russia (Getty)

Russia’s cyberattacks dubbed “Grizzly Steppe” not only infiltrated a political party but also threatened the security of the country’s electrical grid, according to US officials.

Just days after US intelligence agencies revealed the extent of Russia’s cyberattacks in a joint analysis report, a Vermont utility company reported it had found code from “Grizzly Steppe” in its system. Although the infected laptop wasn’t attached to the grid, the hacking attempt underscores vulnerabilities in national infrastructure.

With a Kremlin-friendly president about to take office and retaliatory measures in place for Russia’s interference, things are coming to a head in 2017. Here’s what you need to know about “Grizzly Steppe”.

1. A Vermont Utility Company Reported It Had Found “Grizzly Steppe” Code in Its System

Burlington Electric reported it had discovered Grizzly Steppe malware in its system. The company isolated the infected laptop and alerted federal authorities Friday night. In a statement on its website, Burlington Electric says the computer was not connected to the electrical grid and that no customer information had been compromised. The utility company serves more than 19,600 customers in areas including the City of Burlington and Burlington International Airport. The discovery of malware prompted a public outcry from Vermont’s public officials.

“Vermonters and all Americans should be both alarmed and outraged that one of the world’s leading thugs, Vladimir Putin, has been attempting to hack our electric grid, which we rely upon to support our quality-of-life, economy, health, and safety,” Gov. Peter Shumlin (D-VT) said in a statement. “This episode should highlight the urgent need for our federal government to vigorously pursue and put an end to this sort of Russian meddling.”

On its Cyber Security page, Burlington Electric says it has prepared for an “Aurora Vulnerability”, a term coined after a 2007 Department of Homeland Security demonstration that showed how cyberattacks could cause a power plant to self-destruct.

2. US Intelligence Agencies Published a Report on Grizzly Steppe Meant to Embarrass Russia


APT-28 and APT-29 launched spearphishing campaigns to break into systems (US)

US Intelligence Agencies published a report on December 29 detailing the methods Russian actors used to hack a political party. Although the Democratic National Committee wasn’t mentioned, US intelligence agencies say Russian hackers compromised the committee’s system, the Washington Post reports. The 13-page report included code from Grizzly Steppe as well as aliases of Russian operatives.

A US official who wished to remain anonymous told Bloomberg that the report was meant to embarrass the Kremlin by making its methods public. The Grizzly Steppe attacks, which targeted a US political party, came in two waves. The first wave in 2015 consisted of a spearphishing campaign, where seemingly legitimate emails containing malicious links were sent to over 1000 people. In the spring of 2016, Russian operatives tricked people into changing their passwords through a lookalike domain. As a result, email and information were stolen from party members and leaked to the press.

3. Since Election Day, More Attacks Related to Grizzly Steppe Have Been Found


Russian actors continue to wage cyberattacks after the US election (US)

The election may be over, but the operatives behind Grizzly Steppe seem to have some other end in mind. Just days after the November 8 election, the Grizzly Steppe report says another attack was launched.

The two actors involved in Grizzly Steppe were APT-28 and APT-29. The Department of Homeland Security and FBI called out Russian Military and Civilian Intelligence Services in the December 29 report. The report includes a list of precautions organizations can take, such as reviewing the IP addresses, file hashes and an electronic signature included in the report.

4. President-Elect Donald Trump Praised Vladimir Putin for His Response to Obama’s Retaliatory Measures

President-elect Donald Trump expressed skepticism over allegations of Russian hacking, and even praised Russia’s president Vladimir Putin for his measured response to US retaliatory measures. Obama kicked out 35 Russian intelligence operatives suspected of being spies and imposed sanctions on Russian intelligence services on Thursday. Although Russia’s Foreign Minister urged Putin to kick out US diplomats, Putin said he would not expel anyone.

On Thursday, Trump said in a statement that “it’s time for our country to move on to bigger and better things.” However, he agreed to meet with the intelligence community for a briefing on the recent Russian hacks. Trump took to Twitter on Friday praising Putin as “very smart” for his restrained reaction to US retaliatory measures.

5. The Retaliatory Measures Come After Obama Decided the US Response to Hackers Wasn’t Harsh Enough

Obama’s strike against Putin on the cusp of his departure struck some not as a bombshell, but a muted response. In a joint statement, Republican Sens. John McCain of Arizona and Lindsey Graham of South Carolina described the sanctions as “long overdue”. The joint statement on McCain’s website pushes for more retaliatory measures.

“Ultimately, they are a small price for Russia to pay for its brazen attack on American democracy. We intend to lead the effort in the new Congress to impose stronger sanctions on Russia.”

In recent weeks, Obama decided that the anti-hacking response he created in April 2015 was not severe enough. A New York Times investigation found the DNC was slow to respond when the FBI reported it had been hacked in the fall of 2015. By the time DNC leadership was alerted to the hacks, emails obtained through the hacks had already been leaked to several websites including DC Leaks and Wikileaks, according to the Times.



Nicholas Stix

This article is even worse than the phony “intelligence” report that supposedly exposed the “hacking.” I read the report, which Edward Cox mischaracterized. It opens with baseless assertions, and lists code names for the malware that supposedly got access to the DNC (particularly John Podesta’s email server), through phishing emails; suggestions on how to determine if one has been hacked, and strategies to limit the damage (mitigate), if one has been hacked. However, it provides no evidence that the Russians were the hackers. It looks like a real report, but there’s no “there” there.
Given that the biggest player behind the “Russia hacked the election” story and the phony “intelligence” report is Barack Obama, the most dishonest, corrupt, racist president in American history, and that he has been slavishly supported by the same Evil Media that tried to steal the election for Hillary Clinton, and which have since Election Day sought, by hook or by crook to undo the election, I’ll pass on falling for the newest hoax/moral panic.
Obama and his media goons have always sought to wreak hysteria and havoc, and now they seek to bring us to the brink of WWIII. No dice.
Nicholas Stix, Uncensored


You start well, then fall off the tracks heavily with the Obama-hating. I absolutely agree Obama, the Democrats, normal people and most of the media were horrified by the pussy-grabbing fool the Republicans selected as their candidate. Absolutely they did not want Trump as President. But “stealing” the election? Pure fiction.

Nicholas Stix

“I absolutely agree Obama…”

Since I never said any of the things that you “absolutely agree” with, with whom were you agreeing?

Nicholas Stix, Uncensored

Sam (@toucan1000)

Grizzly Steppe is not a Russian “operation”. It is a name chosen by the US government for allegedly Russian malicious cyber activities. This article is full of errors and exaggerations.


Everything to do with the supposed Russian hacking is exaggerated.

Wikileaks has said repeatedly the DNC enfolds were leaked by an unhappy insider. The claims against Russia appear to be a campaign to distract attention from the unethical conduct of the Democratic Party leadership, especially around cronyism and trying to block the campaign of Bernie Sanders.