House Oversight Members Eye Post-Salt Typhoon Defenses, Clash on 'Signalgate'
House Oversight Foreign Affairs Subcommittee Republicans tried to keep a Wednesday hearing focused on how to strengthen U.S. telecom networks’ security after the 2024 Chinese government-affiliated Salt Typhoon hacking incident (see 2411190073). But it quickly shifted to a series of partisan barbs over Trump administration officials’ leaked communications about plans for an airstrike in Yemen on messaging app Signal. Republicans have been attempting to pivot from the week-plus fallout over “Signalgate,” with White House press secretary Karoline Leavitt telling reporters Monday that “this case has been closed … as far as we are concerned.”
Sign up for a free preview to unlock the rest of this article
Communications Daily is required reading for senior executives at top telecom corporations, law firms, lobbying organizations, associations and government agencies (including the FCC). Join them today!
The House Commerce Committee, meanwhile, has postponed a planned April 8 Communications Subcommittee hearing examining telecom infrastructure security, a spokesperson confirmed Wednesday. House Commerce hadn’t publicly announced it before leaders were forced to reshuffle plans after Speaker Mike Johnson, R-La., canceled all chamber votes for the rest of this week. The committee rescheduled for April 8 a planned Wednesday markup session, which included the NTIA Reauthorization Act (HR-2482) and 10 other tech and telecom bills (see 2504010058). The markup session will begin at 10 a.m. in 2123 Rayburn. The telecom cybersecurity hearing will happen after the House returns April 28 from a planned two-week recess, the Commerce spokesperson said.
House Oversight Foreign Affairs Chairman William Timmons of South Carolina was among Republicans who emphasized concerns about how to protect U.S. telecom infrastructure from attacks like Salt Typhoon, which “compromised networks used by millions of Americans” and “threatened the backbone of our national security.” The Chinese government was “able to use outdated infrastructure to gather enormous amounts of unsecured data” and “learn what we're planning from the communications between our government officials,” Timmons said.
“We need to do a much better job” of defending U.S. networks and “go on offense” by using President Donald Trump’s plans for increased tariffs to hold adversaries accountable and “create a deterrent threat to make sure that this doesn't happen again,” Timmons said. “It's not unreasonable, if a terrorist or a foreign state is going to cause immense damage and threaten our national security, that we just use tariffs to hold them accountable, to extract economic pain.” The U.S. needs to “make sure that we're able to use every tool in our toolbox to hold both nation state actors and non-state actors accountable,” he said.
Testimony
Galvanick CEO Josh Steinman, former National Security Council senior director-cybersecurity during Trump’s first administration, testified that Congress needs to act "in concert with the executive branch … to finally get us on a footing to be able to defend” all U.S. critical infrastructure sectors. “Chinese cyber forces quietly occupy positions inside American telecommunications” and other systems and are “ready to unleash devastating disruptions designed explicitly to shake American resolve during a crisis over Taiwan,” Steinman said.
TAG Infosphere CEO Edward Amoroso said the U.S. “will not solve this challenge by playing defense alone. We cannot rely solely on reactive ‘damage control’ strategies that wait for the next breach before moving. Instead, we must fundamentally shift our approach. And I believe this pivot begins with research and development, with a bold, national investment in artificial intelligence-driven cybersecurity.”
Georgetown University law professor Matt Blaze urged lawmakers to revamp the 1994 Communications Assistance for Law Enforcement Act because its mandate for U.S. networks to have “universal wiretap capabilities” created vulnerabilities that “are now much more severe than perhaps they were at the start.” Such a revamp should mandate “rigorous security testing, reviewed on an ongoing basis and as new services and equipment are introduced,” Blaze said. “And the capabilities should be required to be off by default, rather than enabled even in facilities where no wiretaps are active.”
House Oversight Foreign Affairs ranking member Suhas Subramanyam of Virginia was one of several Democrats who focused on Trump officials’ Signal use. “It's deeply troubling that in the midst of this massive cybersecurity espionage effort we're facing,” Vice President JD Vance and national security officials “are breaking basic protocols that ought to be followed by every person handling sensitive and classified information,” Subramanyam said. “The administration has not taken responsibility and tried to deflect,” but “this is a big deal.”
Rep. Michael Cloud of Texas and other Republicans criticized Democrats for bringing up the Signal controversy. “It's surprising … to see the politicization of this hearing,” which shows that Democratic “administrations can use Signal, but Republicans can’t,” Cloud said. Rep. Eli Crane, R-Ariz., sought to downplay the importance of Trump officials’ use of the app, questioning whether those messages would have been vulnerable to exposure in Salt Typhoon. Blaze responded that Signal's encryption would protect users' messages from attacks against infrastructure like Salt Typhoon.
Rep. Stephen Lynch, D-Mass., criticized Republicans for seeking to downplay the Signal issue. “I can understand if Republican members don't want to say anything about what the Trump administration did on this, and what they continue to do,” he said. But “I'm offended that” Republicans would claim that bringing the matter up constitutes “politicization when we're trying to protect” members of the military. “We cannot encourage that type of activity.”