Cyberwarfare / Nation-State Attacks,
Fraud Management & Cybercrime
House Homeland Security Committee Considers Response to Volt Typhoon and Future of CISA
In a session on January 17, members of Congress underscored the urgent need for a more aggressive US strategy in response to nation-state hacking activities, particularly those emanating from China. The discussion unfolded against a backdrop of significant organizational changes at the federal level, specifically regarding the Cybersecurity and Infrastructure Security Agency (CISA).
Experts, including Mark Montgomery, senior director at the Center on Cyber and Technology Innovation, urged American defenders to take proactive measures against the infrastructure supporting a wave of hacking attributed to Beijing. “We have to go on the offense,” Montgomery asserted, highlighting the vulnerabilities that these attacks present to critical infrastructure, especially in telecom networks. He emphasized the necessity for public attribution of counteractions to dissuade further aggressions from nations like China.
Recent reports from CISA revealed that the hacking group Volt Typhoon has been embedded in US IT systems for over five years, specifically targeting critical infrastructure sectors. This poses serious concerns in light of increasing geopolitical tensions surrounding Taiwan. The Biden administration has responded with sanctions and prosecutions against suspected Chinese hackers, yet some legislators are advocating for more decisive military-style responses to deter these sophisticated cyber threats.
Congressman Michael McCaul of Texas expressed strong agreement with the need for a robust response, cautioning that in a worst-case scenario, Chinese cyber capabilities could disrupt power supply across the US West Coast. Montgomery and others proposed that the establishment of state-level cyber defense National Guard units could empower governors with resources to respond more effectively to these threats at a local level.
In testimony before the Senate Homeland Security Committee, Kristi Noem, the Republican nominee to head the Department of Homeland Security, criticized CISA for its size and operational effectiveness, arguing for a leaner and more agile agency structure. The growth of the agency under the current administration has raised concerns among some lawmakers who believe that expansion has compromised efficiency and focus.
Amid these discussions, acting Homeland Security Secretary Benjamine Huffman disbanded all advisory committee members, including those on the Cyber Safety Review Board, which was set up to evaluate major cyber incidents and recommend countermeasures. This action followed recent investigations into the Volt Typhoon hacking, raising further scrutiny over the agency’s strategic direction.
During the hearing, Montgomery maintained that CISA must take a more active leadership role in managing cybersecurity risks across various sectors, even those outside its current jurisdiction, such as transportation and utilities—areas that remain vulnerable to adversary tactics such as initial access and privilege escalation according to the MITRE ATT&CK framework. The evolving nature of these threats underscores the critical need for an adaptive and responsive federal cybersecurity posture that transcends administrative changes.
