IP Address at Hydro One Linked to Grizzly Steppe


The Department of Homeland Security (DHS) and FBI have warned that Hydro One, Ontario’s main electricity distributor may have been the target of malicious Russian malicious cyber-activity, designated as GRIZZLY STEPPE. According to online scanning done by U.S. government during investigated alleged Russian hacking of the Democratic National Committee, an IP address at Hydro One was identified.

Hydro One was informed of the finding by Royal Canadian Mounted Police (RCMP) on Dec. 29. Six of the IP addresses in the U.S. report are in located Canada.

Also read:
DHS: Executive Summary of Grizzly Steppe Findings from Homeland Security Assistant Secretary for Public Affairs Todd Breasseale
US Cert: GRIZZLY STEPPE – Russian Malicious Cyber Activity

Simplified list of IP addresses and country locations in Google Doc [Affected Computers Around the World by Grizzly Steppe : JAR-16-20296A].

Hydro One says the IP address involved was not linked to the province’s electricity grid and there is no reason to believe the power system has been compromised. Hydro One added that it takes cyber security seriously and that there are no concerns that the province’s power system was compromised.

DHS released a list of hundreds of affected IP addresses traced to various locations around the world. Six other Canadian computer addresses including an IP address from an Alberta-based internet provider were found in the online scanning.

Map shows which countries had the largest number of compromised computers by Grizzly Steppe

Source:
CTV News: Exclusive: IP address at Ontario power utility linked to alleged Russian hacking
CTV News: Compromised Hydro One computer shows difficulty of tracking hackers