Congressional lawmakers are pushing for information from three wireless carriers and pressing federal agencies to hardening cybersecurity standards in the wake of reports that a threat group sponsored by the Chinese government compromised the networks of internet service providers (ISPs) as part of a broad cyber-espionage campaign.

At the same time, the Biden Administration reportedly is creating an emergency team to address the intrusion into the networks by Salt Typhoon, one of several Chinese nation-state hacker teams that is believed to be attacking the federal government and critical infrastructure organizations, according to the Washington Post and Politico.

The U.S. House of Energy and Commerce Committee late last week sent letters to the heads of AT&T, Verizon Wireless, and Lumen Technologies, all of which were hacked by Salt Typhoon in a campaign that was first reported by the Wall Street Journal earlier this month. The committee is asking for the executives – Verizon Chairman and CEO Hans Vestberg, AT&T CEO John Stankey, and Lumen President and CEO Kate Johnson – to appear before it by the end of the week to discuss the situation.

At the same time, the panel wants information from each company about the breaches, including when they first learned about them, how they’re managing them, what information was compromised, and steps they’ve taken to strengthen their cybersecurity protections.

In addition, House Select Committee on the Chinese Communist Party sent its own letter to the three executives seeking closed-door briefing, writing that “the implications of any breach of this nature would be difficult to overstate” and adding that “we recognize that enhancing our nation’s cybersecurity is a challenge that neither the public nor private sectors can tackle alone.”

Stronger Security Needed

Meanwhile, Senator Ron Wyden (D-OR) sent a letter to both Attorney General Merrick Garland and Jessica Rosenworcel, chairman of the Federal Communications Commission (FCC), urging the federal government to follow through on a requirement in a 30-year-old law to secure the wiretapping systems of telephone and broadband companies from hackers.

Instead of implementing the provision about the issue in the 1994 Communications Assistance for Law Enforcement Act (CALEA), the government hasn’t adopted mandatory security standards for such highly sensitive systems, Wyden wrote.

“The recently reported hack of U.S. telecommunications companies’ wiretapping systems should serve as a major wake-up call to the government,” the senator wrote. “The outdated regulatory framework and DOJ’s failed approach to combating cyberattacks by protecting negligent corporations must be addressed. The security of our nation’s communications infrastructure is paramount, and the government must act now to rectify these longstanding vulnerabilities.”

For China, Persistence is Key

According to the initial WSJ article, the Salt Typhoon hackers – believed to be part of the Chinese government’s intelligence agency – may have been inside the telecoms’ networks for months and through their access to the wiretapping information may have gained insights into the United States’ surveillance efforts to of Chinese nationals.

The Salt Typhoon revelation comes months after another China-sponsored group, Volt Typhoon, was found to essentially be hiding in the networks of organizations in such critical infrastructure sectors as water, energy, and transportation – including in some cases for years – and ready to disrupt operations if a conflict between the United States and China breaks out.

Last month, the FBI said it seized a massive botnet used by Flax Typhoon, another Chinese threat group, that was made up of hundreds of thousands of devices connected to the internet. Investigators said the threat group used the botnet to hack into networks in the United States and elsewhere and steal information.

The China Threat

Chinese cyber-operations have become a primary concern for U.S. intelligence and security agencies, with FBI Director Christopher Wray testifying last year that “there’s no country that presents a more significant threat to our innovation, our ideas, our economic security, our national security than the Chinese government.” In a 2023 report, the Office of the Director of National Intelligence called China “the broadest, most active, and persistent cyber espionage threat to the U.S. Government and private-sector networks.”

In its letters to the heads of AT&T, Verizon, and Lumen, members of the Energy and Commerce Committee wrote that the Salt Typhoon attacks were “extremely alarming for both economic and national security reasons.”

“In an age where Americans rely heavily on your services for communication and connectivity, the integrity of your networks is paramount,” they said in the letter, which was signed by Rep. Cathy McMorris Rodgers (R-MI) and ranking member Frank Pallone (D-NJ), among others. “It is vital that cybersecurity protocols are enhanced to better protect American’s data against increasingly sophisticated attacks especially from our foreign adversaries.”

The White House decision to create a unified coordination group to deal with China’s intrusions is an indication of house serious government officials believe the cyberthreat is. It’s been three years since the administration has created such a group, when it formed two of them in the wake of hacks by Russian and Chinese groups.