Lawmakers press agencies, telecoms for more details on Salt Typhoon hacks – djohnson
– [[{“value”:”
Members of Congress are pressing federal agencies and telecommunications companies for more information about a reported Chinese government-backed hacking campaign that breached the networks of at least three major U.S. telecoms.
Earlier this month, the Wall Street Journal reported that a hacking group tied to Beijing successfully broke into the networks of Verizon, AT&T and Lumen Technologies. The hackers reportedly went undetected for months, possibly gaining access to systems and infrastructure used to process court-authorized wiretaps.
On Thursday, Republican and Democratic leaders on the House Energy and Commerce Committee wrote to the three telecommunication firms asking for more information on their response, calling the incident “extremely alarming for both economic and national security reasons.”
“In an age where Americans rely heavily on your services for communication and connectivity, the integrity of your networks is paramount,” wrote Reps. Cathy McMorris Rodgers, R-Wa., and Frank Pallone, D-N.J., chair and ranking member on the committee, as well as Bob Latta, R-Ohio, and Doris Matsui, D-Calif., chair and ranking member of the Communications and Technology subcommittee. “It is vital that cybersecurity protocols are enhanced to better protect American’s [sic] data against increasingly sophisticated attacks, especially from our foreign adversaries.”
The members requested a briefing with the telecoms to learn more about when they became aware of the compromise, findings from any internal investigations and subsequent engagement with law enforcement, their plans to notify affected customers and what if any corrective steps have been taken to harden cybersecurity in the wake of the incident.
The House Homeland Security Committee has also requested a briefing on the hack from the Cybersecurity and Infrastructure Security Agency, according to a committee aide.
An aide for Sen. Mark Warner, D-Va., chair of the Senate Intelligence Committee, told CyberScoop that the incident is something the committee is “following closely, and I expect there to be briefings scheduled once Congress returns.”
The Federal Communications Commission has also reportedly requested a briefing from national security officials on the hack, according to Nextgov.
For some, the potential penetration of private IT infrastructure used to process lawful wiretaps revived longstanding arguments around the potential collateral damage that can come with government surveillance.
Sen. Ron Wyden, D-Ore., a longtime critic of federal surveillance programs who sits on the Senate Intelligence Committee, told CyberScoop in a statement that the alleged hacks call into question the government’s efforts to persuade — and in some cases compel — private companies to build specific channels for law enforcement access.
Wyden and others have repeatedly warned that technical pathways built into private products that make it easier for law enforcement to access data can also be used by malicious actors, something the Salt Typhoon hack demonstrates.
“A compromise of networks associated with government surveillance would constitute both a serious threat to national security and a violation of the implicit social contract that comes with that surveillance,” Wyden said. “If the government wants to listen in on Americans’ calls and read their texts, its surveillance system must be secure against hacks.
“These reports,” he continued, “if accurate, cast doubt on the integrity of that compact and raise further questions about government assertions that it can be trusted with expanded surveillance authorities that include weakening of Americans’ encryption.”
Tim Starks contributed to this story.
The post Lawmakers press agencies, telecoms for more details on Salt Typhoon hacks appeared first on CyberScoop.
“}]] – Read More – CyberScoop
