07.25.18

Cantwell, Graham Urge Strong Action in the Face of Mounting Cyber Attacks from Russia

Washington, D.C. – Today, in a letter to President Trump, U.S. Senator Maria Cantwell (D-WA), Ranking Member of the Senate Energy and Natural Resources Committee, and Senator Lindsey Graham (R-SC), a member of the Senate Armed Services Subcommittee on Cybersecurity, called for greater action from the federal government to defend the U.S. energy grid from cyber attacks.

Despite overwhelming evidence of destabilizing threats to the U.S. electric grid and recent reports of Russian hacking of the control rooms of U.S. electric utilities, the federal government has not laid out a comprehensive threat assessment or taken sufficient action to protect critical U.S. energy infrastructure.

“We are concerned about Russia’s capabilities with respect to cyber attacks on our energy infrastructure,” the senators wrote. “Furthermore, on July 23, 2018, the Wall Street Journal reported that “[h]ackers working for Russia claimed ‘hundreds of victims’ last year in a giant and long-running campaign that put them inside the control rooms of U.S. electric utilities where they could have caused blackouts.”

“We believe the federal government needs to take stronger action prioritizing cybersecurity of energy networks and fighting cyber aggression to match your Department of Energy’s outward facing commitment.”  

The senators are requesting, within 90 days, a thorough written analysis of: 

a)      the scope of Russian capabilities to use cyber-warfare to threaten our energy infrastructure;

b)      the extent to which the Russians have already attempted cyber-intrusions into our electric grid, pipelines, and other important energy facilities; and

c)       what steps [the] administration is currently taking to combat these Russian cyber-warfare capabilities and intrusions into our energy facilities.

Cantwell has been the leading voice on protecting critical U.S. infrastructure, including energy infrastructure such as the electric grid and oil and gas pipelines, from cyber attacks. On March 12, 2017, and June 22, 2017, Senator Cantwell sent letters to President Trump calling on him to defend energy infrastructure and to instruct DOE to conduct an analysis of Russian capabilities with respect to cyber attacks on U.S. energy infrastructure. In hearing after hearing, Cantwell has pressed for increased collaboration between the government, private sector, utilities, military, and academia to protect U.S. energy infrastructure from cyber attacks.

In addition to Senators Cantwell and Graham, cybersecurity experts are weighing in on the need for the federal government to take action to protect critical energy infrastructure.

“We have entered a new era of warfare in which the adversary sits in our backyard watching our every move, and we have left the back door to our homes unlocked.  This new reality requires a situational awareness that is not consistent across the country. The threats that Russia and other actors pose to our grid, pipelines, ports, and other infrastructure is real and serious, and more must be done on the federal level to ensure we are adequately prepared,” said Barbara Endicott-Popovsky, Executive Director of the Center for Information Assurance and Cybersecurity at the University of Washington.

The full letter can be found below and HERE.

July 25, 2018

Dear President Trump:

We are concerned about Russia’s capabilities with respect to cyberattacks on our energy infrastructure. In March 2018, a broad group of witnesses agreed to the necessity of a comprehensive threat assessment at an Energy and Natural Resources Committee hearing. Furthermore, on July 23 2018, the Wall Street Journal reported that “[h]ackers working for Russia claimed ‘hundreds of victims’ last year in a giant and long-running campaign that put them inside the control rooms of U.S. electric utilities where they could have caused blackouts.”

In March of this year, the Department of Homeland Security and the Federal Bureau of Investigation confirmed that we have reason to be alarmed.  In their joint alert TA18-074A “Russian Government Cyber Activity Targeting Energy and Other Critical Infrastructure Sectors”, they characterized recent Russian efforts “targeting U.S. Government entities as well as organizations in the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors” as a “multi-stage intrusion campaign by Russian government cyber actors who targeted small commercial facilities’ networks where they staged malware, conducted spear phishing, and gained remote access into energy sector networks. After obtaining access, the Russian government cyber actors conducted network reconnaissance, moved laterally, and collected information pertaining to Industrial Control Systems.”       

We are appreciative of the information included in the Director of National Intelligence’s “Worldwide Threat Assessment of the US Intelligence Community” and Executive Order No. 138000 of May 11, 2017 entitled “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure” as well as additional data that has been provided to us through individual conversations and briefings from officials within your administration.  However, we believe more information must be provided to Congress addressing our specific concerns about Russian capabilities or interference with respect to our energy infrastructure. 

Your administration has proposed the formation of a new Office of Cybersecurity, Energy Security, and Emergency Response at the Department of Energy as a way to elevate the importance of cyber security issues.  However, there is a need for additional cybersecurity resources to address our fundamental concerns. While cybersecurity efforts increased marginally at the Department of Energy, the Transmission Reliability and Resilience Office and the Resilient Distributions Systems Office saw significant reductions in the FY2019 Congressional Budget Request. 

We believe the federal government needs to take stronger action prioritizing cybersecurity of energy networks and fighting cyber aggression to match your Department of Energy’s outward facing commitment. 

Within 90 days, we request in writing a thorough analysis of: 

a)      the scope of Russian capabilities to use cyber-warfare to threaten our energy infrastructure;

b)      the extent to which the Russians have already attempted cyber-intrusions into our electric grid, pipelines, and other important energy facilities; and

c)       what steps your administration is currently taking to combat these Russian cyber-warfare capabilities and intrusions into our energy facilities.

We are happy to receive your responses in an unclassified or classified form.  We thank you for your attention to these matters.

Sincerely,

###