Salt Typhoon: Securing America’s Telecommunications from State-Sponsored Cyber Attacks

House Subcommittee on National Security, the Border, and Foreign Affairs

2025-04-02

Source: Congress.gov

Summary

This hearing addressed the critical national security challenge of cyber espionage against critical infrastructure, focusing on the sophisticated Salt Typhoon attack and broader vulnerabilities. Witnesses and members discussed the scope of these threats, potential countermeasures, and the need for a unified cybersecurity strategy. A significant portion of the discussion also revolved around a recent controversy involving national security officials using an insecure messaging app for sensitive communications.[ 00:17:38-00:17:41 ] [ 00:21:50-00:21:57 ]

Themes

Cyber Espionage and Critical Infrastructure Vulnerabilities

The Salt Typhoon attack, linked to a Chinese state-sponsored hacking group, extensively breached U.S. telecommunication networks like Verizon and AT&T, intercepting real-time calls and messaging data from millions of users, particularly high-value government and political figures.[ 00:17:48-00:18:44 ] This incident is part of a broader trend, with global cyberattacks against critical infrastructure increasing by 30% last year, averaging 13 attacks per second.[ 00:17:54-00:17:58 ] These attacks exploit vulnerabilities in outdated infrastructure, weak network management, and "backdoor" capabilities mandated by laws like CALEA, which require wiretap-ready infrastructure.[ 00:19:01-00:19:07 ]

The threat extends beyond telecommunications to sectors such as transportation, water, power, sewer, and the defense industrial base, posing risks of physical impact and widespread chaos.

The Signal Chat Controversy

A contentious point in the hearing was the alleged sharing, by national security advisors, of classified information regarding an upcoming strike in a Signal group chat that included a journalist.[ 00:22:27-00:22:35 ]

Critics argued that this exposed war plans and intelligence sources and put troops at risk, leading to a loss of trust from allies and demonstrating incompetence. While Signal offers end-to-end encryption, experts noted that phones themselves remain vulnerable to hacking via public Wi-Fi, Bluetooth, or malicious links, and even quantum computing could potentially compromise Signal's encryption.[ 00:40:09 ] Conversely, some members asserted that Signal is secure against infrastructure-level attacks and that the incident, though an error, did not involve classified information and had no adverse impact on the operation.[ 01:15:58 ] [ 01:16:20 ] [ 01:20:27-01:20:33 ] [ 01:20:48 ]

Future Cybersecurity Strategy and Challenges

The discussion emphasized the need for a proactive and unified cybersecurity strategy involving Congress, federal agencies, and the private sector.[ 00:19:12-00:19:25 ]

Proposed solutions include cybersecurity certifications for telecom companies, investing in aggressive offensive capabilities, and a shift towards building new, more resilient "next-generation" infrastructure, rather than patching existing, vulnerable systems.[ 00:19:30-00:19:42 ] The increasing use of AI by adversaries necessitates a national, coordinated response focused on intelligent system design and data utilization.[ 00:30:17-00:30:42 ] Experts also called for harmonizing federal cybersecurity regulations, potentially using AI, to reduce bureaucracy and improve the efficiency of cybersecurity resources. The concept of deterrence was debated, with some suggesting offensive measures or tariffs against malicious state actors to create consequences for cyber attacks.

Tone of the Meeting

The meeting began with a bipartisan agreement on the seriousness of cyber threats to national security.[ 00:17:38-00:17:41 ] [ 00:21:41 ]

However, it quickly devolved into partisan exchanges, particularly around the Signal chat controversy. Members from both sides accused the other of politicization and hypocrisy, leading to heated discussions that overshadowed the primary focus on critical infrastructure cybersecurity.[ 00:59:55 ] Despite the political disagreements among members, the expert witnesses largely maintained a professional and informative demeanor throughout the proceedings.[ 00:37:52 ]

Transcript

This hearing of the subcommittee on military and foreign affairs will come to order. I want to welcome everyone. Without objection, the chair may declare a recess at any time. I recognize myself for the purpose of making an opening statement.

Good morning, thank you for joining us today as we confront one of the most pressing national security challenges of our time, cyber espionage by adversaries targeting our critical infrastructure. I'd like to thank our witnesses for being here today and look forward to our conversation. In recent months, sophisticated cyber attacks by groups like Salt Typhoon have not only compromised networks used by millions of Americans, but have threatened the backbone of our national security.

Our nation's critical infrastructure is under attack at a staggering pace. Reports indicate that globally, cyber attacks against critical infrastructure increased by 30% last year, averaging 13 attacks per second. In the United States alone, over 420 million cyber attacks were recorded in just the last year. These incidents are not random errors. They are part of a coordinated campaign by a well-funded foreign adversary that exploits vulnerabilities.

Salt Typhoon, a Chinese state-sponsored hacking group with direct ties to the CCP's intelligence apparatus, executed an extensive breach that compromised US telecommunication networks. This campaign targeted essential communication networks, including those operated by industry giants like Verizon and AT&T. They were able to intercept real-time calls and messaging data from over a million users.

Critically, these attacks focused on gathering intelligence from high value government and political figures. It is vital to emphasize these telecommunication companies are not at fault. They are on the defensive against an enemy that employs sophisticated tactics using vulnerabilities and sometimes outdated infrastructure and exploiting weak points in network management systems to gain unprecedented access to our critical communications. This is not a failure of the private sector.

It is a clear signal that our nation must take a more proactive approach. The damage control posture of the previous administration has left us vulnerable to these state-sponsored cyberattacks. Instead of merely reacting after breaches occur, we must be forward-thinking and resolute. National security is paramount, and it is our government's responsibility to safeguard the American people and the critical infrastructure that we rely on every day.

Now more than ever, it is imperative for Congress and federal agencies to join forces with the private sector in establishing a robust, unified cybersecurity strategy.

Legislators have begun proposing measures to require annual cybersecurity certifications for telecom companies, ensuring they adhere to strict security protocols. Yet this is only part of the solution. We must also invest in a more aggressive offensive capability that deters adversaries from exploiting our vulnerabilities, sending a clear message that cyber espionage against American infrastructure will have severe consequences.

Furthermore, the sheer volume of these attacks should serve as a wake-up call for strengthening our critical infrastructure. When our communication systems, integral to our national defense, emergency services, and economic vitality are compromised, it erodes public trust and jeopardizes our collective safety. It is our duty to ensure that our government agencies, in collaboration with private industry, take decisive action to upgrade cybersecurity measures and hold foreign state actors accountable.

In closing, let me reiterate, the threat we face is not a result of negligence from our telecom companies, but a deliberate, strategic maneuver by sophisticated and hostile state actors intent on undermining our national sovereignty. This is a call to action for every American who values freedom and security.

We must fortify our defenses, invest in advanced cybersecurity technology, and pursue strong, proactive policies that secure our nation's critical infrastructure against these relentless threats. The time to act is now, before our adversaries turn these vulnerabilities into tools for even more severe real-world disruption. Thank you again to our witnesses for being here today, and I look forward to hearing about your experiences in the cybersecurity field and any recommendations you have regarding our strategic cyber posture.