FOR IMMEDIATE RELEASE
Chairman Green Issues Statement Ahead of First CSRB Meeting on 'Salt Typhoon' Cyber Intrusions
WASHINGTON—Today, House Committee on Homeland Security Chairman Mark E. Green, MD (R-TN) issued the following statement in advance of the Cyber Safety Review Board’s (CSRB) first meeting to begin its assessment of the intrusions into telecommunication networks by a Chinese Communist Party (CCP)-affiliated threat actor known by Microsoft as “Salt Typhoon.” According to the Cybersecurity and Infrastructure Security Agency (CISA), the intrusion is still ongoing and has impacted at least eight U.S. companies:
“As the CSRB begins laying the groundwork for its fourth report today, the Board’s members have an immense task ahead of them. There is no doubt that a nation-state sponsored intrusion of this scale and sophistication into internet service providers is unprecedented and unnerving—something hard to say after the discovery of Volt Typhoon, another PRC state-sponsored threat actor. There is bipartisan concern––and frustration––in Congress about the shocking extent of the CCP-affiliated threat actor’s ongoing access to sensitive data.
“While it is essential to protect sensitive information from our adversaries amid an ongoing law enforcement investigation and a widespread mitigation effort, Americans deserve to know if the phone in their pocket is being used as a weapon in the CCP’s information war. I urge affected companies to cooperate in this investigation so we have a comprehensive and thorough understanding of this intrusion, which will position the CSRB to develop potential recommendations for improving overall U.S. telecom network resiliency. I also urge CSRB members and CISA to prioritize timely information sharing with Congress, industry, and the American people to help ensure no intrusion of this scope ever happens again—and to assist Americans who may have been impacted in securing their personal data.
“Once the Board releases its report, I look forward to holding a hearing to examine its findings, as we did with the Board’s Summer 2023 Microsoft Exchange Online incident report. We must continue the important conversation on raising the bar for cybersecurity across sectors if we want to succeed at mitigating the collective risk to our networks. Most importantly, I look forward to advancing in the House and Senate vital Committee legislation to address the broader cyber threats facing our critical infrastructure. This effort will include bills to create an interagency task force on China’s cyber threats, secure the operational technology at our maritime ports, and bolster America’s cyber workforce. We face an urgent threat from our adversaries against the technology that underpins our daily lives, and we must be prepared to take decisive action.”
###