On Monday, Republican members of the U.S. House Committee on Homeland Security requested a hearing from intelligence agencies about the cyberattack by Salt Typhoon on ISPs like AT&T, Verizon, and Lumen Technologies.
U.S. Reps. Mark Greene (R-TN), Andrew Garbarina (R-NY), and Laurel Lee (R-FL) sent a letter to the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation requesting the briefing by Nov. 1 after learning about the intrusions of the cyber threat actor affiliated with the People’s Republic of China.
“If reporting about Salt Typhoon’s level of network access is accurate, the PRC could influence communications by rerouting internet traffic, or gain valuable information by accessing systems for lawful wiretapping requests,” the Congressmembers wrote. “In other words, this intrusion would significantly jeopardize Americans’ right to privacy and broader U.S. national security interests. We appreciate the continued efforts by U.S government agencies, including CISA and the FBI, to raise awareness about the pre-positioning activities of Volt Typhoon and other PRC-backed cyber threat actors. However, we are extremely concerned about what Salt Typhoon’s intrusion may imply about the state of America’s cyber resiliency.”
The letter comes on the heels of Congress passing the Strengthening Cyber Resilience Against State-Sponsored Threats Act directing CISA and the FBI to create a cyber task force to protect against intrusions from PRC-based cyber threat actors.
“Although we are encouraged to hear that CISA is participating in a new “emergency team” to address the Salt Typhoon hack, clearly a temporary measure will not suffice. Reporting indicates that Salt Typhoon has been active since 2020, and PRC-backed threats against Western nations primarily aimed at intelligence collection show no sign of waning,” the law makers wrote.