Durbin, Duckworth, Colleagues to Trump: Act On Russian Cyber Intrusions to U.S. Energy Infrastructure
Senators Demand Analysis of Russian Cyber Warfare Capabilities
WASHINGTON – U.S. Senators Dick Durbin (D-IL) and Tammy Duckworth, along with U.S. Senator Maria Cantwell (D-WA) and Senate colleagues today sent a letter to President Trump urging the U.S. Department of Energy (DOE) to conduct an analysis of Russian capabilities with respect to cyber-attacks on U.S. energy infrastructure.
In the letter, the members request that President Trump, “direct the Department of Energy, in consultation with other relevant agencies, to within 60 days conduct a thorough analysis of:
a) the scope of Russian capabilities to use cyber warfare to threaten our energy infrastructure; and
b) the extent to which the Russians have already attempted cyber intrusions into our electric grid, pipelines, and other important energy facilities.”
In the letter, the Sens. write that, “Instead of responsibly performing the requested assessment, your administration has proposed slashing funding to the very offices tasked with protecting our grid from Russian cyber-attacks. Indeed, the Department of Energy’s Congressional Budget Request for Fiscal Year 2018 proposes to dramatically reduce funding for the Office of Electricity Delivery and Energy Reliability by more than 40%. How can our government protect our national security assets if the administration does not allocate the necessary resources?”
After the cybersecurity firm Dragos issued a report on June 12, 2017 revealing that malware could be deployed against U.S. electric transmission and distribution systems, the Washington Post reported that, “Russian government hackers have already shown their interest in targeting U.S. energy and other utility systems.”
Along with Durbin, Duckworth, and Cantwell, the letter was signed by U.S. Senators Ron Wyden (D-OR), Brian Schatz (D-HI), Sherrod Brown (D-OH), Tammy Baldwin (D-WI), Martin Heinrich (D-NM), Chris Van Hollen (D-MD), Chris Coons (D-DE), Al Franken (D-MN), Bernie Sanders (I-VT), Ed Markey (D-MA), Jack Reed (D-RI), Mazie Hirono (D-HI), Patty Murray (D-WA), Tom Carper (D-DE), Chris Murphy (D-CT), and Jeanne Shaheen (D-NH).
The full letter is available here and below:
Dear President Trump:
We write to follow-up on a letter of March 14, 2017 urging you to direct the Department of Energy to conduct a thorough analysis of Russian capabilities with respect to cyberattacks on our energy infrastructure. Your administration failed to respond. In the meantime, the threat Russia poses to our critical infrastructure has become increasingly clear. As the Washington Post reported, a private cybersecurity firm recently suggested that Russia has developed a tool called CrashOverride, the first ever malware framework to specifically attack electric grids and that this malware was successfully deployed against a Ukrainian utility last year. The Department of Homeland Security has concluded that “the tactics, techniques, and procedures (TTPs) described as part of the CrashOverride malware could be modified to target U.S. critical information networks and systems.”
The March 14 letter noted that the Russians and other foreign actors have the capability, and potentially the intent, to cause significant damage to our economy by attacking our critical energy infrastructure, including our electric grid. Admiral Rogers, the Director of the National Security Agency and the Commander of the U.S. Cyber Command, recently told Congress that Russia holds the cyber capability to cripple our infrastructure.
Instead of responsibly performing the requested assessment, your administration has proposed slashing funding to the very offices tasked with protecting our grid from Russian cyberattacks. Indeed, the Department of Energy’s Congressional Budget Request for Fiscal Year 2018 proposes to dramatically reduce funding for the Office of Electricity Delivery and Energy Reliability by more than 40%. How can our government protect our national security assets if the administration does not allocate the necessary resources?
We are deeply concerned that your administration has not backed up a verbal commitment prioritizing cybersecurity of energy networks and fighting cyber aggression with any meaningful action.
Today, we reiterate the request that your administration direct the Department of Energy, in consultation with other relevant agencies, to within 60 days conduct a thorough analysis of: a) the scope of Russian capabilities to use cyber-warfare to threaten our energy infrastructure; and b) the extent to which the Russians have already attempted cyber-intrusions into our electric grid, pipelines, and other important energy facilities.
We thank you for your attention to these matters.
Sincerely,