China’s notorious Typhoon hacking groups are not as mysterious as they seem and they look to have exploited hardware flaws that no software patch can solve, according to cybersecurity experts’ testimony to the Senate on Wednesday.
U.S. national security officials suspect the Typhoon cyberattackers pre-positioned in Western infrastructure for future sabotage operations and have penetrated commercial telecommunications networks to spy on Americans.
Center for Strategic and International Studies’ James Andrew Lewis said a lot was already known about Beijing’s Salt Typhoon hackers. Those suspected of hitting the telecom sector appear to be Unit 61938, an intelligence unit in the Communist regime first indicted in 2014.
“If it is 61938, we know their names, we have their pictures, it’s been 10 years and they’ve been very busy,” Mr. Lewis told the Senate Commerce Committee. The U.S. response, he suggested, was not adequate to the security threat they posed.
“Our response has been to give them a stern lecture and send a few strongly worded notes,” he told lawmakers.
Mr. Lewis, senior vice president at CSIS, told the committee that the lackluster response from the U.S. has sent the signal that it is open season on America and “everyone on this committee is a target.”
U.S. cyber officials and international allies issued guidance regarding the hacking of the telecom sector earlier this month that stressed the need for stringent encryption standards and more monitoring of networks.
James Mulvenon, Pamir Consulting chief intelligence officer, told the panel that the guidance suggested the officials know that a software tweak will not end the Chinese hackers’ successes.
“The fact that they only call for monitoring and for better encryption and better multifactor [authentication], actually if you read between those lines, now you understand that the vulnerability is not fixable,” Mr. Mulvenon said. “That it’s a hardware vulnerability that requires a generational equipment shift.”
Replacing equipment is costly, and the price tag grows when the range of potential targets spans much of America’s telecommunication networks.
Policymakers who think additional regulation will stop Chinese cyberattacks should reconsider, according to the Senate Commerce Committee’s top-ranking Republican.
Sen. Ted Cruz criticized the Biden administration for tolerating China-linked cyberattacks and using the attacks as a pretext to expand inefficient and redundant government regulations.
“The federal government has a poor track record of protecting against cyberattacks, and we should be cautious about placing too much faith in more regulation and reporting requirements to protect us,” the Texas Republican said at the committee hearing. “Redundant regulations and reporting requirements stifle investment and can weaken incentives to promote secure communications networks and to cooperate with federal authorities.”
Mr. Cruz may have a new perch to push his views atop the Senate Commerce Committee when Republicans take charge of the Senate next year and could play a decisive role in shaping the federal government’s response to China’s digital attacks.
The problem of foreign cyberspying and digital attacks may only grow as the Biden administration turns over power to President-elect Donald Trump’s team.
Mr. Mulvenon said America’s enemies face little deterrence in cyberspace.
“The United States, clearly, is still in a very deep cyber deterrence hole with respect to China and the hole appears to only be getting deeper,” he said. “It is clear from recent events that China, and frankly for that measure Moscow and Tehran, don’t feel like they’ve found America’s pain point yet when it comes to cyber in terms of an expected imposed cost or expected actions on the part of the U.S. government.”
• Ryan Lovelace can be reached at rlovelace@washingtontimes.com.
Please read our comment policy before commenting.