Group of U.S. Senators Demand President Trump to Investigate CrashOverride Malware

At one of his initial public speeches, President Donald Trump vowed to create a "comprehensive plan to protect America's vital infrastructure from cyber attacks." However, his detractors claim that President Trump has not yet made any progress on his promise. Worse yet, there has been new evidence which suggests that an advanced malware threat caused a massive power outage in the Ukrainian capital Kiev in December 2016, and one group of US SenatorSenators demand to know the risk posed by Russian hackers to American power grids.

The SenatorSenators in question sent an official letter to President Trump last Thursday, in it, all 19 Senators have requested that the White House get the Department of Energy to do another analysis of the Russian state's cyber warfare capabilities and their ability to attack the USA's power grids. The Senators also demand an investigation into Moscow and any potential attempts to compromise The USA's power grids, utilities, pipelines, or other energy infrastructure that they may have made. The Senators want this within 60 days.

However, this same group of SenatorSenators made a similar request a few months ago to which President Trump and his staff never responded. The politicians make their new inquiry in light of evidence that the malware, which temporarily paralyzed Kiev's power, was named CrashOverride and may have been Russian in origin.

"We are deeply concerned that your administration has not backed up a verbal commitment prioritizing cybersecurity of energy networks and fighting cyber aggression with any meaningful action," reads the request signed by SenatorSenators Al Franken, Martin Heinrich, Ron Wyden, Maria Cantwell, Bernie Sanders, and others.

Despite claims of inaction from his opposition, President Trump's administration has issued an executive order that seeks to re-evaluate the state of American cyber security measures in its critical infrastructure in the coming months. However, according to the SenatorSenators, the Trump administration's proposed budget the would reduce funding to the Department of Energy's Office of Electricity Delivery and Energy Reliability.

The politicians were forced into action when it was recently discovered Trojan, which caused the Kiev blackout, could easily be adapted to attack Western European or American power and utility facilities too. Security researchers from security companies ESET and Dragos first analyzed the malware. The security firms pointed out that CrashOverride's modular design feature makes it a threat to western countries, not just Ukraine. Experts from Dragos connected the malware to a hacker collective called "Sandworm" a group linked to Russia, according to many security researchers. Sandworm allegedly attacked American energy and utility targets back in 2014.

ESET researchers called CrashOverride "a particularly dangerous threat since it is capable of controlling electricity substation switches and circuit breakers directly. To do so, it uses industrial communication protocols used worldwide in power supply infrastructure, transportation control systems, and other critical infrastructure systems (such as water and gas)."

After the events of 2014, when Russian/Ukrainian relations broke down, waves of powerful hacks have hit the country's media, transportation system, as well as virtually all of Kiev's agencies. The vicious campaign has rendered hundreds, if not thousands, of machines useless, it has destroyed data, and paralyzed entire government branches. However, if that wasn't enough, the 2015 and especially the 2016 attacks have been devastating with the Kiev attack being one of the worst.

"There's a ton of functionality in this that was never used in Ukraine. This suggests it was being prepared for use at multiple sites," Dragos said in an issued statement saying that the Kiev attack was more of a test run than anything else, and there is real danger to the United States.