Senators Fume Over Response To ‘disturbing And Widespread’ Chinese Hack Of Us Telecoms
Senators are fuming over the Biden administration’s response to a recent massive Chinese government-linked hack of U.S. and global telecommunications systems, calling it the “most disturbing” breach of telecom systems in history.
The breach, carried out by a group known as Salt Typhoon, involved the infiltration of dozens of telecommunications companies, the hack of phones belonging to officials including President-elect Donald Trump and potential eavesdropping on the phone calls of large swaths of the U.S. population.
On Wednesday, officials from agencies including the FBI, the Federal Communications Commission and the Cybersecurity and Infrastructure Security Agency trekked to Capitol Hill to brief senators on the latest intelligence around the breach. Some lawmakers emerged from that briefing fuming.
“There’s no accountability in anybody sitting up there,” Sen. Rick Scott (R-Fla.) told reporters after the briefing. “They have not told us why they didn’t catch it, what they’ve done to prevent it.”
“If somebody came to my office and said, ‘Hey look, something bad happened, don’t worry, I’m responsible for it, but I’m not going to be responsible for it, and I don’t have any plan to fix it,’ what would you do? You’d fire them,” he added.
Sen. Josh Hawley (R-Mo.) said the extent of the breach was “breathtaking,” and pushed for more information to be declassified.
“I think the American people need to know the extent of the breach here, I think they will be shocked at the extent of it,” Hawley said. “I think they need to know about their text messages, their voicemail, their phone calls. It’s very bad, it’s very, very bad, and it is ongoing.”
The frustration was felt across the aisle too. Senate Intelligence Committee Chair Mark Warner (D-Va.), a former telecoms executive, took issue with these companies for leaving “gaping holes” in the security of critical systems.
“I think there is huge concern, far and away the worst telecom hack, and the fact is that they are still in the systems,” Warner told reporters.
Officials from CISA and the FBI briefed reporters Tuesday on the latest developments in the investigation, stressing that the agencies are working closely with telecoms groups to respond to the breach. They acknowledged that the scope of the infiltration is still not entirely clear, though they first detected the hack in the spring.
“It’s the most disturbing and widespread incursion into our telecommunications systems in the history of the world, not just the country, because of how massive our telecommunications systems is,” Senate Intelligence Committee ranking member Marco Rubio (R-Fla.) told reporters Wednesday. “That’s about as bad as it gets.”
The administration is not sitting still to address the hack. Beyond the active investigation, CISA Director Jen Easterly told reporters following the briefing that the Department of Homeland Security-led Cyber Safety Review Board would begin looking into the hack formally during a meeting on Friday. The CSRB is composed of federal agencies and private sector groups, and looks into major cyber breaches. Easterly said she expected their recommendations on ways to respond to the hack would come later next year, during the Trump administration.
“I thought it was a very good session, very good questions, but obviously the seriousness of this merits the work that we all are doing across the government,” Easterly said of the briefing to senators.
As the clock ticks down on both the Biden administration and the 118th Congress, other key priorities like the annual defense and appropriations bills sit higher on the docket. But some lawmakers are already making clear that legislation to secure telecommunications is urgently needed. Warner and other members of Congress are working on a bill to address cybersecurity gaps, and may try to push it through before the end of the year, with Warner telling reporters Wednesday that he is working to “share it with other members” to build support.
Sen. Mike Rounds (R-S.D.), incoming chair of the Senate Armed Services Committee’s cyber subcommittee, is likely to support the effort.
“Yes, there should be, and the question is what’s the appropriate way to put them into play that they can actually adhere to them,” Rounds told reporters when asked Wednesday if there should be cybersecurity standards in place for telecom companies. “That legislation I believe will be coming.”
He stressed though that it would likely take time to fully address the spectrum of security concerns raised by this breach, noting that “it’s not like getting a new phone, it’s the structure that these cell phone systems have been built on.”
Pushing back against China is also high on the agenda for lawmakers, particularly for China hawks like Rubio, as Trump builds out his administration.
“The Chinese entities are listening in, and monitoring calls and text messages from American officials and the best response to that is not just defense, but offense, and they need to pay a price,” Sen. Mitt Romney (R-Utah) told POLITICO as he left the briefing.
While the Senate Intelligence Committee received a separate classified briefing on the Salt Typhoon hacks last month, Wednesday’s event brought together the full Senate, putting their phones aside to get feedback in the Senate SCIF from officials on the gravity of the incident. Rounds said the senators were “attentive,” though the mood was somber.
“I think it woke a lot of people up in the meeting,” Sen. Markwayne Mullin (R-Okla.) said.