One week after the disclosure of the hacking campaign targeting U.S. telecom companies, members of Congress are still assessing the implications. The Chinese Salt Typhoon group is reportedly responsible for infiltrating AT&T T, Verizon VZ, and Lumen Technologies LUMN, raising concerns that sensitive government data related to court-authorized wiretaps may have been compromised.
As The Wall Street Journal reported, congressional committees have sent letters to the chief executives of the three companies requesting detailed explanations about the intrusion and the steps taken to secure their systems.
Rep. Cathy McMorris Rodgers (R-WA), chairwoman of the House Energy and Commerce Committee, asked the companies to provide a full briefing by the end of next week.
“These types of breaches are increasing in frequency and severity,” the letter states. “The committee needs to understand better how this incident occurred and what steps your company is taking to prevent future service disruptions and secure your customers’ data.”
Rep. John Moolenaar (R-MI) and Rep. Raja Krishnamoorthi (D-IL), on behalf of the House Select Committee on China, raised concerns that the breach could have severe national security implications.
“We face a cyber-adversary the likes of which we have never confronted before, and we must urgently enhance our nation's approach to cybersecurity,” they stated.
The Chinese Embassy in Washington has denied any involvement in the attack. “China firmly opposes and combats cyberattacks in all forms,” a spokesperson said, rejecting claims that the Chinese government was behind the breach.
Meanwhile, Sen. Ron Wyden (D-OR), a member of the Senate Intelligence Committee and a leading advocate on cybersecurity issues, sent a letter to the Justice Department and the Federal Communications Commission (FCC).
The government shares much of the blame,” Wyden wrote, criticizing the longstanding inaction on vulnerabilities in wiretap systems required under the Communications Assistance for Law Enforcement Act (CALEA).
CALEA, which passed in 1994, mandates that telecom providers maintain systems that allow law enforcement to intercept communications. The law was expanded in 2005 to include broadband and internet-based services, leaving private companies responsible for ensuring compliance.
However, computer security experts like Berkeley's senior researcher, Dr. Nicholas Weaver, have been warning that these “backdoors” pose significant security risks for years, per Reason's report.
Other cybersecurity experts say the Salt Typhoon intrusion exposes the inherent dangers of backdoor access.
“The problem with backdoors is well-known,” said Matthew Green, a cryptography professor at Johns Hopkins University. “Any channel devoted to one party will eventually be discovered and abused by another.”
Read Next:
Photo: Shutterstock
© 2024 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.
Comments
Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.