'We are deeply alarmed [the Department of Homeland Security] has not publicly disclosed when this investigation will begin,' the senators stated in a letter:
A bipartisan group of senators has urged a federal review board to immediately begin an investigation into a Chinese hacking group's attacks against the United States, according to a recent letter sent to Robert Silvers, undersecretary for policy at the Department of Homeland Security (DHS).
Led by Sen. Eric Schmitt (R-Mo.), the senators wrote in a letter dated Nov. 14 that the independent Cyber Safety Review Board (CSRB) had announced in late October that it would initiate a review "at the appropriate time," a DHS spokesman confirmed in a statement to the Wall Street Journal, following media reports that Salt Typhoon, a Chinese state-sponsored threat group, had breached several U.S. telecommunications companies.
[...] The senators noted that the CSRB's announcement "is a good first step." The CSRB, established by the DHS in 2022, consists of federal officials and private-sector cybersecurity experts.
"We are deeply alarmed DHS has not publicly disclosed when this investigation will begin," the senators wrote. "While details of the attack are still being revealed, the scope of this attack is historic in nature and the hacking technique used by Salt Typhoon holds countless senior U.S. officials and millions of U.S. citizens at risk.
"With all due speed and urgency, the CSRB should begin investigating how this happened immediately."
Previously: U.S. Wiretap Systems Targeted in China-Linked Hack
Related Stories
U.S. Wiretap Systems Targeted in China-Linked Hack
From Schneier's Blog
A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers, potentially accessing information from systems the federal government uses for court-authorized network wiretapping requests.
https://www.schneier.com/blog/archives/2024/10/china-possibly-hacking-us-lawful-access-backdoor.html
It's a weird story. The first line of the article is: "A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers." This implies that the attack wasn't against the broadband providers directly, but against one of the intermediary companies that sit between the government CALEA requests and the broadband providers.
For years, the security community has pushed back against these backdoors, pointing out that the technical capability cannot differentiate between good guys and bad guys. And here is one more example of a backdoor access mechanism being targeted by the "wrong" eavesdroppers.
Pluralistic: China Hacked Verizon, AT&T and Lumen Using the FBI's Backdoor (07 Oct 2024) – Pluralist
China hacked Verizon, AT&T and Lumen using the FBI's backdoor (permalink)
State-affiliated Chinese hackers penetrated AT&T, Verizon, Lumen and others; they entered their networks and spent months intercepting US traffic – from individuals, firms, government officials, etc – and they did it all without having to exploit any code vulnerabilities. Instead, they used the back door that the FBI requires every carrier to furnish:
In 1994, Bill Clinton signed CALEA into law. The Communications Assistance for Law Enforcement Act requires every US telecommunications network to be designed around facilitating access to law-enforcement wiretaps. Prior to CALEA, telecoms operators were often at pains to design their networks to resist infiltration and interception. Even if a telco didn't go that far, they were at the very least indifferent to the needs of law enforcement, and attuned instead to building efficient, robust networks.
Predictably, CALEA met stiff opposition from powerful telecoms companies as it worked its way through Congress, but the Clinton administration bought them off with hundreds of millions of dollars in subsidies to acquire wiretap-facilitation technologies. Immediately, a new industry sprang into being; companies that promised to help the carriers hack themselves, punching back doors into their networks. The pioneers of this dirty business were overwhelmingly founded by ex-Israeli signals intelligence personnel, though they often poached senior American military and intelligence officials to serve as the face of their operations and liaise with their former colleagues in law enforcement and intelligence.
Telcos weren't the only opponents of CALEA, of course. Security experts – those who weren't hoping to cash in on government pork, anyways – warned that there was no way to make a back door that was only useful to the "good guys" but would keep the "bad guys" out.
These experts were – then as now – dismissed as neurotic worriers who simultaneously failed to understand the need to facilitate mass surveillance in order to keep the nation safe, and who lacked appropriate faith in American ingenuity. If we can put a man on the moon, surely we can build a security system that selectively fails when a cop needs it to, but stands up to every crook, bully, corporate snoop and foreign government. In other words: "We have faith in you! NERD HARDER!"
With the help of tipsters, the cybersecurity agency was able to 'connect the dots' to crack what has been called one of the worst telecom hacks in US history:
Chinese state-backed cyber espionage group Salt Typhoon, which has been in the news for its breach of U.S. telecom firms, was first discovered on the federal network using a different name, according to Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA).
"We saw it as a separate campaign called another goofy cyber name. And we were able to—based on the visibility that we had within the federal networks—to be able to connect some dots," she said during a discussion at the Foundation for Defense of Democracies on Jan. 15.
[...] The earlier identification under a different name enabled officials to connect the dots with the help of tipsters from the private sector, which Easterly said ultimately "led to kind of cracking open the larger Salt Typhoon piece."
[...] On Jan. 17, the U.S. Treasury Department announced it was sanctioning Chinese cybersecurity company Sichuan Juxinhe Network Technology Co. for "direct involvement in the Salt Typhoon cyber group."
"Chinese state-backed cyber actors continue to present some of the greatest and most persistent threats to U.S. national security," the Treasury Department said.
The Treasury Department also sanctioned Shanghai-based hacker Yin Kecheng, who was allegedly behind a major breach of the department's network in early December. The cyber actor is affiliated with China's Ministry of State Security, the department said.
Previously:
- U.S. Treasury Confirms It Was Breached by China-Backed Hackers
- A 9th Telecoms Firm Has Been Hit by a Massive Chinese Espionage Campaign, the White House Says
- Wyden Law Would Give FCC Greater Power Over Telecom's Lax Cybersecurity In Wake Of Ugly Salt Typhoon
- Salt Typhoon's Cyberstorm Reaches Beyond US Telcos
- Senators Ask Cyber Review Board to Conduct Investigation on Chinese Hack Group
(Score: 2) by VLM on Wednesday November 20, @12:46PM (1 child)
Probably a false flag. Or it's one of those groups that's 51+% feds.
(Score: 2) by DannyB on Wednesday November 20, @04:21PM
Or maybe that's what they want you to think?
Or maybe they don't want the hacking group to know when or if there will actually be an investigation.
Satin worshipers are obsessed with high thread counts because they have so many daemons.
(Score: 2) by Frosty Piss on Wednesday November 20, @03:33PM (1 child)
Is this one of Musk's new departments?
(Score: 3, Funny) by DannyB on Wednesday November 20, @04:25PM
That's a bad choice. If Mike Lindell can be in charge of election security, then he should also be in charge of "the cyber".
<no-sarcasm>
I seriously believe that Lindell is equally qualified for both jobs. Yes, really, I do. For real.
</no-sarcasm>
Satin worshipers are obsessed with high thread counts because they have so many daemons.