Salt Typhoon hacks ‘a wake up call’ to secure telecom services, lawmakers say
TEK IMAGE/SCIENCE PHOTO LIBRARY/Getty Images
The Cyber Safety Review Board was in the middle of investigating the Salt Typhoon hacks when it was disbanded in January. Rep. Doris Matsui, D-Calif., said the board’s termination “leaves in limbo” the government’s probe into the breach.
Lawmakers on a key House panel said Wednesday that the breadth of the Chinese Salt Typhoon hacking campaign underscores the need to secure U.S. telecommunications infrastructure from a range of outsider threats, even as some Democrats said the Trump administration’s discontinuation of a key cybersecurity investigative body jeopardizes ongoing efforts to review the breach.
The Salt Typhoon hacks, which were first discovered last year, allowed the Chinese espionage group to access the networks of at least nine American telecommunications operators and their law enforcement wiretapping platforms, as well as dozens of other global telecom providers. The hackers also targeted the communications of a number of high-profile political individuals, including people tied to President Donald Trump and Vice President JD Vance.
The Treasury Department sanctioned Chinese firm Sichuan Juxinhe Network Technology Co. in January for reportedly having “direct involvement” with China’s Ministry of State Security in the Salt Typhoon infiltrations.
Members of the Energy and Commerce Subcommittee on Communications and Technology said the Salt Typhoon hacking campaign demonstrated the importance of safeguarding telecom systems and other communications networks from major cyber threats, particularly those directed by or tied to the Chinese government. And they also drew a connection between cybersecurity and the need to better secure physical infrastructure, such as the undersea cables that transmit 99% of global internet traffic.
The chairman of the full House panel — Rep. Brett Guthrie, R-Ky. — said efforts to sabotage those critical cables, as well as threats to satellite communications and the inclusion of vulnerable network gear in U.S. telecom networks, also require special attention to protect communications services from disruptions.
Rep. Doris Matsui, D-Calif., ranking member of the Energy and Commerce Subcommittee on Communications and Technology, also called the Salt Typhoon breach “a wake up call that drives home the vulnerabilities in our communications networks.”
But she warned that the White House’s disbandment of the Cyber Safety Review Board — a cybersecurity oversight panel within the Department of Homeland Security — “leaves in limbo” the government’s continuing investigation into the hacks.
The board was established during the Biden administration to investigate major cybersecurity incidents and was in the midst of probing the Salt Typhoon hacks when it was disbanded in January.
“Salt Typhoon remains active as this administration jeopardizes our government's ability to assess the damage and work on solutions,” Matsui said.
Laura Galante, who headed the Office of the Director of National Intelligence’s Cyber Threat Intelligence Integration Center during the Biden administration, also said the White House’s termination of the Cyber Safety Review Board would harm efforts to mitigate future cyber incidents. She previously served as the intelligence community's lead for the Unified Coordination Group, which responded to the Salt Typhoon hacks.
“Cutting off that investigation into Salt Typhoon early really limits the telco sector's ability to understand, from all the different sides of the house — the intelligence side, law enforcement and then victim networks — how we can improve,” Galante said. “So it really short changes our national security to not have that investigative board available to learn from.”
Nextgov/FCW Cybersecurity Reporter David DiMolfetta contributed to this report.