The committee was concerned that the previous administration had not effectively addressed the cybersecurity threats posed by China-backed hacking groups.
The House Homeland Security Committee on Monday requested that the Department of Homeland Security (DHS) provide all documents related to the agency’s response to telecommunications hacking incidents involving China’s state-backed cyber groups Volt Typhoon and Salt Typhoon.
The committee said that it was conducting oversight of the government’s response to the “malicious cyber campaigns” carried out by the Chinese hacking groups against U.S. critical infrastructure, according to a letter obtained by The Epoch Times.
The lawmakers said they were concerned that the previous administration had not effectively addressed the cybersecurity threats posed by Chinese state-sponsored hacking groups.
“Despite officials raising the alarm about Volt and Salt Typhoon, we still know very little about them—except that Volt Typhoon, in particular, continues to compromise our critical infrastructure,” they stated.
The letter was signed by House Committee chairman Mark Green (R-Tenn.) and the chairs of two subcommittees.
The committee asked DHS Secretary Kristi Noem to turn over, by March 31, all emails and internal memos related to Volt Typhoon and Salt Typhoon dating back to Jan. 20, 2021, when the Biden administration took office.
According to the letter, the previous administration had delayed a briefing on Salt Typhoon for about a month until the Wall Street Journal published a report about the hacker’s activity.
“These threat actors pose significant challenges that cannot be addressed overnight,” it stated. “The Biden administration’s lack of transparency surrounding the federal government’s response to Volt and Salt Typhoon, however, was unacceptable and disconcerting.”
The committee sought information about when the federal government first became aware of the cybersecurity threats and damage caused by the two hacking groups, as well as the timeline of the government’s response to the intrusions.
The lawmakers also requested agency documents detailing the “actions taken with relevant Agencies/Departments, industry stakeholders, victims, and any other relevant parties” after the threat was detected.
The Epoch Times reached out to the DHS for comment but did not receive a reply by publication time.
Salt Typhoon has engaged in a wide-ranging espionage campaign since 2022, infiltrating major U.S. telecommunications networks. The group has compromised at least nine U.S. telecommunications companies, Anne Neuberger, who was then serving as deputy national security adviser for cyber and emerging technology, said in December 2024.
The hacking group had also targeted President Donald Trump and Vice President JD Vance in September 2024, according to the letter. Vance said in a podcast interview last year that Chinese hackers breached his cellphone using back-end infrastructure.
Another Chinese hacking group, Volt Typhoon, began targeting a wide range of networks across U.S. critical infrastructure organizations in 2021. Microsoft flagged the group’s activity in 2023, stating that the China-based actor had been primarily engaged in spying and gathering information on targets.
According to a 2023 report by Microsoft, the Chinese hacking group is believed to be pursuing the development of capabilities that could disrupt “critical communications infrastructure between the United States and Asia region during future crises.”
The Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory in February 2024 stating that Volt Typhoon had maintained “access and footholds within some victim IT environments for at least five years,” suggesting that Chinese malware may have been infiltrating U.S. systems for far longer than officials have been aware of it.
The advisory warned that Chinese state-sponsored cyber actors were seeking to “pre-position themselves on IT networks for disruptive or destructive cyberattacks against U.S. critical infrastructure in the event of a major crisis or conflict with the United States.”
The DHS announced the termination of its advisory committees after Trump took office on Jan. 20. Among them was the Cyber Safety Review Board, which had been investigating the threats posed by Salt Typhoon during the Biden administration.
Acting DHS Secretary Benjamine Huffman stated in a memo that the move is aligned with the department’s commitment to end “the misuse of resources” and ensuring that DHS activities prioritize national security.
Eva Fu and Jack Phillips contributed to this report.