Lawmakers Seek DHS Records in Probe of US Response to Chinese Cyber Campaigns
The House Homeland Security Committee is taking steps to uncover more information about the US response to Chinese cyber campaigns, specifically those carried out by two prolific hacking groups: Volt Typhoon and Salt Typhoon.
In a letter being sent on Monday, the committee is requesting that DHS Secretary Kristi Noem provide all agency documents since the start of the Biden administration that refer to or reference these two groups and their hacking activities. The requested documents include emails, internal memoranda, and other guidance about Volt Typhoon and Salt Typhoon.
The committee, led by Chairman Mark Green (R-Tenn.), is conducting oversight of the federal response to malicious cyber campaigns against US critical infrastructure conducted by these two groups. They argue that despite numerous investigations, there is still a lack of transparency regarding the extent of the threat posed by Volt Typhoon and Salt Typhoon.
Volt Typhoon was first raised in a high-profile hearing with intelligence and cybersecurity officials around a year ago. Over the past five years, this group has infiltrated various sets of civilian critical infrastructure around the nation, including ports and power grids. Officials have warned that Volt Typhoon embeds malware into infrastructure to enable future disruptions and trigger societal panic, likely to distract the American public if China moves to invade Taiwan.
Salt Typhoon's operations, discovered last summer, have been more extensive, infiltrating at least nine US telecom operators and dozens of other communications providers worldwide. The hackers remain inside these systems, with mechanisms in place to grant them persistent access. It is unclear whether these access paths have been mitigated.
The group has also ensnared systems facilitating court-authorized wiretap requests, giving the hackers an enriched view into conversations of top officials and politicians, including President Donald Trump and Vice President JD Vance. Several hundred organizations were notified last year that they may be at risk of compromise.
The committee is concerned about the lack of transparency in the US response to these hacks, with some investigations taking place only after news headlines became public. They hope that the Biden administration will provide confidence that their government is taking every step possible to mitigate the impact of Volt Typhoon on government entities and businesses.
The Committee's Request
Alongside cybersecurity subcommittee leader Andrew Garbarino (R-NY) and oversight subcommittee leader Josh Brecheen (R-Okla.), Chairman Green is writing a letter to Secretary Noem, requesting specific documents:
- DHS documents since the start of the Biden administration that refer to or reference Volt Typhoon and Salt Typhoon.
- Files like emails, internal memoranda, and other guidance about these groups.
- A timeline of events when DHS became aware of both cyberespionage units and a US cyber agency's response to their intrusions.
The committee is directing DHS to provide all relevant documentation by March 31. The letter was first seen by Nextgov/FCW, which reported on the congressional probe last year.
China's Response
A coalition of Senate Republicans recently asked the Trump administration to launch offensive cyber operations against China in response to Beijing-aligned hacks targeting US systems. China has frequently lambasted the US for its alleged hacking activities and argued that US concerns over Chinese hacking are being used as a tool to smear China.