News
Senators Ask Cyber Review Board to Conduct Investigation on Chinese Hack Group
Comments
Link successfully copied
Sen. Eric Schmitt (R-Mo.) speaks during a news conference with Republican Senators about border security issues at the U.S. Capitol in Washington on Jan. 24, 2024. (Drew Angerer/Getty Images)
By Frank Fang
11/18/2024Updated: 11/18/2024

A bipartisan group of senators has urged a federal review board to immediately begin an investigation into a Chinese hacking group’s attacks against the United States, according to a recent letter sent to Robert Silvers, undersecretary for policy at the Department of Homeland Security (DHS).

Led by Sen. Eric Schmitt (R-Mo.), the senators wrote in a letter dated Nov. 14 that the independent Cyber Safety Review Board (CSRB) had announced in late October that it would initiate a review “at the appropriate time,” a DHS spokesman confirmed in a statement to the Wall Street Journal, following media reports that Salt Typhoon, a Chinese state-sponsored threat group, had breached several U.S. telecommunications companies.

The Epoch Times contacted the DHS for comment but has not received a response by publication time.

The senators noted that the CSRB’s announcement “is a good first step.” The CSRB, established by the DHS in 2022, consists of federal officials and private-sector cybersecurity experts.

“We are deeply alarmed DHS has not publicly disclosed when this investigation will begin,” the senators wrote. “While details of the attack are still being revealed, the scope of this attack is historic in nature and the hacking technique used by Salt Typhoon holds countless senior U.S. officials and millions of U.S. citizens at risk.

“With all due speed and urgency, the CSRB should begin investigating how this happened immediately.”

The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) announced on Nov. 13 that Chinese state-sponsored hackers had conducted a “broad and significant cyber espionage campaign” aimed at stealing data from individuals working in government and politics.

The Chinese hackers also copied “certain information that was subject to U.S. law enforcement requests pursuant to court orders,” the two agencies stated, suggesting that the Chinese breach may have targeted programs covered by the Foreign Intelligence Surveillance Act (FISA).

“We expect our understanding of these compromises to grow as the investigation continues,” the two agencies said in a joint statement.

The letter was co-signed by Sens. John Cornyn (R-Texas), Shelly Moore Capito (R-W.Va.), Bill Cassidy (R-La.), Steve Daines (R-Mont.), Marsha Blackburn (R-Tenn.), John Hawley (R-Mo.), Rick Scott (R-Fla.), John Hickenlooper (D-Colo.), and Ted Budd (R-N.C.).

The senators named other known Chinese threat cyber groups—Volt Typhoon, Flax Typhoon, and Storm-0558—and said that “there is an urgent need for the U.S. government to take a hardline stance to deter the PRC’s activities in cyberspace and identify authorities and resources.” PRC is an acronym for communist China’s official name, the People’s Republic of China.

Storm-0558’s activities came to light in July last year, when Microsoft reported that the group had compromised 25 organizations, including government agencies, through their Microsoft Exchange accounts. A staffer from Schmitt’s office told The Epoch Times in September last year that Storm-0558 had stolen 60,000 emails from 10 State Department accounts alone.

The CSRB described Storm-0558’s breach as “a cascade of security failures” by Microsoft, according to its report published in March.

Schmitt had previously said that the Pentagon’s cyberwarfare unit should go on the offense against hostile foreign hacking groups.

“America needs more than just a good defense—It’s far past time to go on offense. We must bring the fight to the front door of hackers who would do us harm, and most critically, state-sponsored hacking groups,” Schmitt told The Epoch Times in October last year.

The senators also listed seven questions that the CSRB should address in its investigation into Salt Typhoon, including when the DHS became aware of the group’s attacks on U.S. telecommunication systems.

“Based on the scope of the hack, what information was Salt Typhoon able to obtain regarding FISA processes, investigation, ongoing operations, or U.S. intelligence collection methods?” the letter reads.

The senators also inquired about how Salt Typhoon compares to other Chinese threat groups regarding the scale and sophistication of its attacks.

The senators requested that the DHS inform them by Dec. 3 about when the investigation will commence. They also asked for a briefing before Jan. 10 of next year.

“The public should be sufficiently informed regarding the PRC’s unashamed strategy to use cyberattacks as a means to degrade our national security,” they wrote.

Share This Article:
Frank Fang is a Taiwan-based journalist. He covers U.S., China, and Taiwan news. He holds a master's degree in materials science from Tsinghua University in Taiwan.

©2023-2024 California Insider All Rights Reserved. California Insider is a part of Epoch Media Group.