Krishnamoorthi, Moolenaar Request Briefing from Top Executives at Verizon, AT&T, and Lumen Regarding Reported CCP-Sponsored Salt Typhoon Breach

WASHINGTON, D.C. – Yesterday, Ranking Member Raja Krishnamoorthi (D-IL) and Chairman John Moolenaar (R-MI) of the House Select Committee on the Strategic Competition Between the United States and the Chinese Communist Party sent a letter to the CEOs of three companies which recent news reports suggest were targeted in a Salt Typhoon breach – Verizon, AT&T, and Lumen Technologies.

According to these news reports, “a cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers, potentially accessing information from systems the federal government uses for court-authorized network wiretapping requests. For months or longer, the hackers might have held access to network infrastructure used to cooperate with lawful U.S. requests for communications data.” The letter requests further information on the reported breach and a closed-door briefing from representatives of each company.

The lawmakers write, in part, “Earlier this year, the Select Committee held a hearing focused on another PRC hacking group, known as Volt Typhoon, and its successful efforts to compromise U.S. critical infrastructure. Taken together with these news reports regarding Salt Typhoon’s apparent compromise of our nation’s wiretap system, it is clear that we face a cyber-adversary the likes of which we have never confronted before, and we must urgently enhance our nation’s approach to cybersecurity.”

Ranking Member Krishnamoorthi and Chairman Moolenaar request the following be addressed at the closed-door briefing:

•           Please describe when your companies first became aware of matters described in the Wall Street Journal article.

•           Please describe any specific measures your companies are taking to protect systems the federal government uses for court-authorized network wiretapping requests.

•           Please describe what measures Congress and the federal government can undertake to help your companies implement additional measures to protect against PRC state-sponsored hacking efforts.

Read this about this development in the Wall Street Journal HERE.

View the full letter HERE or continue reading below.

---

Dear Mr. Vestberg, Mr. Stankey, and Ms. Johnson:

On October 5, the Wall Street Journal reported that “a cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers, potentially accessing information from systems the federal government uses for court-authorized network wiretapping requests. For months or longer, the hackers might have held access to network infrastructure used to cooperate with lawful U.S. requests for communications data.”This article specifically cites your three companies as victims of this potential CCP-sponsored hack.

The implications of any breach of this nature would be difficult to overstate. According to one senior U.S. intelligence official quoted in the Washington Post, “it enables [the CCP] to understand exactly who the U.S. government is interested in and to either undermine the government’s intelligence collection efforts or to feed the United States disinformation.” Accordingly, it comes as no surprise that the group publicly reported to likely be behind this attack is Salt Typhoon, a hacking unit closely affiliated with the PRC’s Ministry of State Security.

Earlier this year, the Select Committee held a hearing focused on another PRC hacking group, known as Volt Typhoon, and its successful efforts to compromise U.S. critical infrastructure. Taken together with these news reports regarding Salt Typhoon’s apparent compromise of our nation’s wiretap system, it is clear that we face a cyber-adversary the likes of which we have never confronted before, and we must urgently enhance our nation’s approach to cybersecurity.

We recognize that enhancing our nation’s cybersecurity is a challenge that neither the public nor private sectors can tackle alone. While we appreciate that there may be an ongoing federal investigation into this matter, and we appreciate your cooperation with any such inquiries, we cannot wait to fortify our defenses. Accordingly, we respectfully request a closed-door briefing from appropriate representatives of each of your companies regarding the reported Salt Typhoon breach. At this briefing, please address the following matters.

•           Please describe when your companies first became aware of matters described in the Wall Street Journal article.

•           Please describe any specific measures your companies are taking to protect systems the federal government uses for court-authorized network wiretapping requests.

•           Please describe what measures Congress and the federal government can undertake to help your companies implement additional measures to protect against PRC state-sponsored hacking efforts.

Thank you for your attention to this matter. We stand ready to support your companies and other critical infrastructure operators in protecting against PRC-based cyber threats.

###