Washington Post on Russian Connection to Vermont Utility Hack: Never Mind

January 3rd, 2017 11:20 AM

Monday evening, just three days after causing an uproar by reporting that "Russian hackers penetrated (the) U.S. electricity grid through a utility in Vermont," the Washington Post is now saying that "Russian government hackers do not appear to have targeted Vermont utility, say people close to investigation."

In other words (cue the late Glida Radner's famous Saturday Night Live character Emily Litella): "We told you we had a story, but we really never did. So ... Never mind."

In between the two headlines in the opening paragraph, as I noted at NewsBusters yesterday, the Post tried to hang on to the idea that there was still actually a story there by claiming that "(A) Russian operation hacked a Vermont utility, showing risk to U.S. electrical grid security, officials say." This was after Burlington Electric, the utility involved, within 90 minute's of the original Post report's appearance, revealed that the hacked computer was not connected to the electrical grid. It's important to note, as Kalev Leetaru at Forbes did on Sunday, that "there is no mention of any kind that the Post reached out to either of the two utilities (in Vermont) for comment."

Now virtually all vestiges of a Russian connection which was originally presented as an airtight reality have blown up in the faces of Juliet Eilperin and Adam Entous, as well as those involved in editing the story.

The paper is still trying to hang on to a shred of credibility with a wealth of weasel words, but nobody should be fooled. As just one example, let's compare the first paragraph in the story by Ellen Nakashima and Eilperin published Monday night to the headline seen above (bolds are mine throughout this post):

As federal officials investigate suspicious Internet activity found last week on a Vermont utility computer, they are finding evidence that the incident is not linked to any Russian government effort to target or hack the utility, according to experts and officials close to the investigation.

In other words, the first paragraph's assertion that there is actual evidence of no linkage does not correctly reflect the headline's weaselly "hackers do not appear to have targeted" language. Proper headline: "Investigators have found no evidence of Russian hacker connection to Vermont off-grid computer intrusion."

But the Post knows, because it reported the finding itself on June 16 of last year, that:

According to a new study by computer scientists at Columbia University and the French National Institute, 59 percent of links shared on social media have never actually been clicked: In other words, most people appear to retweet news without ever reading it.

Worse, the study finds that these sort of blind peer-to-peer shares are really important in determining what news gets circulated and what just fades off the public radar. So your thoughtless retweets, and those of your friends, are actually shaping our shared political and cultural agendas.

Thus, the headline's weaselly language can be seen as an attempt by the Post to save face with the vast horde of social media users who don't read the news but nonetheless pass headlines around, i.e., a classic "fake news" tactic.

Now let's look at the Post's attempt to attach nobility to its botched reporting:

The Post initially reported incorrectly that the country’s electric grid had been penetrated through a Vermont utility. After Burlington Electric released its statement saying that the potentially compromised laptop had not been connected to the grid, The Post immediately corrected its article and later added an editor’s note explaining the change.

As already noted, the reason the correction had to be made was that, at least based on its initial reporting, the Post never contacted anyone at the utility before clicking "Publish."

As to the alleged "immediate" nature of the correction and the "later" editor's note, as Leetaru at Forbes noted on Sunday, that's far from accurate:

... it was not until almost a full hour after the utility’s official press release (at around 10:30PM EST) that the Post finally updated its article, changing the headline to the more muted “Russian operation hacked a Vermont utility, showing risk to U.S. electrical grid security, officials say” and changed the body of the article to note “Burlington Electric said in a statement that the company detected a malware code used in the Grizzly Steppe operation in a laptop that was not connected to the organization’s grid systems. The firm said it took immediate action to isolate the laptop and alert federal authorities.” Yet, other parts of the article, including a later (incorrect) sentence claiming that multiple computers at the utility had been breached, remained intact.

The following morning, nearly 11 hours after changing the headline and rewriting the article to indicate that the grid itself was never breached and the “hack” was only an isolated laptop with malware, the Post still had not appended any kind of editorial note to indicate that it had significantly changed the focus of the article.

... Only after numerous outlets called out the Post’s changes did the newspaper finally append an editorial note at the very bottom of the article more than half a day later saying “An earlier version of this story incorrectly said that Russian hackers had penetrated the U.S. electric grid. Authorities say there is no indication of that so far. The computer at Burlington Electric that was hacked was not attached to the grid.”

Yet, even this correction is not a true reflection of public facts as known. The utility indicated only that a laptop was found to contain malware that has previously been associated with Russian hackers. As many pointed out, the malware in question is actually available for purchase online, meaning anyone could have used it and its mere presence is not a guarantee of Russian government involvement.

... It is also interesting to note that the Post said it was an error for the editorial note to be buried at the very bottom of the page instead of at the top of the article ... (It was later moved up — Ed.)

The Russian linkage has been spread far and wide, and remains uncontested in many news locales.

For example, the latest story found at the Associated Press's main national site in a search on "Vermont utility" (not in quotes) misinforms readers that "a Vermont utility's laptop was found to contain malware U.S. officials say is linked to Russian hackers." An earlier AP story claiming that "A state electric utility confirmed on Friday it had found on one of its laptops a malware code the U.S. government says is used by Russian hackers" is still present at the Boston Globe.

The code may sometimes be "used by Russian hackers," but certainly not exclusively, as the AP has implied in each instance. An independent analysis of Thursday's "Joint Analysis Report" on "Operation Grizzly Steppe" reported that "The IOC’s (Indicators Of Compromise) in the report are tools that are freely available and IP addresses that are used by hackers around the world."

Serious collateral damage has been done to the perceived integrity of the entire Post newsroom operation — apparently with government help. But who says that the government deserves the presumptive trust the Post obviously gave it? Washington Post Company executive management and Amazon CEO Jeff Bezos, the paper's owner through his own private investment company, have egg on their collective faces.

So what is the Post going to do about all of this beyond saying "Never mind" and hoping everyone moves on as if nothing happened? More importantly, how many subscribers and advertisers are going to decide that this kind of work product isn't worth paying for or being seen in, respectively?

Cross-posted at BizzyBlog.com.