Homeland Republicans Request Briefing From CISA, FBI on Salt Typhoon Hacks
October 21, 2024
WASHINGTON, D.C. – Last week, House Committee on Homeland Security Chairman Mark E. Green, MD (R-TN), Subcommittee on Cybersecurity and Infrastructure Protection Chairman Andrew Garbarino (R-NY), and Subcommittee Vice Chair Laurel Lee (R-FL) sent a letter to the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI), requesting a briefing for the Committee by November 1 on the recently discovered intrusions by ‘Salt Typhoon,’ a cyber-threat actor affiliated with the People’s Republic of China. The group specifically targeted major internet service providers (ISPs) such as AT&T, Verizon, and Lumen Technologies. Read the full letter here.
In the letter, the members state, “If reporting about Salt Typhoon’s level of network access is accurate, the PRC could influence communications by rerouting internet traffic, or gain valuable information by accessing systems for lawful wiretapping requests. In other words, this intrusion would significantly jeopardize Americans’ right to privacy and broader U.S. national security interests. We appreciate the continued efforts by U.S government agencies, including CISA and the FBI, to raise awareness about the pre-positioning activities of Volt Typhoon and other PRC-backed cyber threat actors. However, we are extremely concerned about what Salt Typhoon’s intrusion may imply about the state of America’s cyber resiliency. As America’s cyber defense agency, we expect CISA to continue playing a pivotal role in educating Americans about cyber risks. Additionally, we urge CISA to conduct more direct outreach to our critical infrastructure owners and operators to ensure they are prepared to identify and thwart malicious activity in their networks and infrastructure.
The members continue, “The Committee has taken the threat of PRC-backed cyber actors, including Volt Typhoon, seriously. Last month, we unanimously passed H.R. 9769: The Strengthening Cyber Resilience Against State-Sponsored Threats Act, which directs CISA and the FBI to create a task force that better prioritizes and coordinates U.S. government efforts to defend against PRC-backed cyber threat actors. Although we are encouraged to hear that CISA is participating in a new “emergency team” to address the Salt Typhoon hack, clearly a temporary measure will not suffice. Reporting indicates that Salt Typhoon has been active since 2020, and PRC-backed threats against Western nations primarily aimed at intelligence collection show no sign of waning.
The members conclude, “On August 6, 2024, CISA and the FBI provided the Committee’s staff with a briefing on the state of PRC cyber threats, and we are grateful for the information shared at that time. However, given escalating concerns about Salt Typhoon, we believe it is necessary for the Committee to receive an updated assessment of trends and U.S. efforts to defend against PRC-affiliated cyber actors.”
###