By David Shepardson and Richard Cowan
WASHINGTON (Reuters) -U.S. government agencies held a classified briefing for all senators on Wednesday on China's alleged efforts known as Salt Typhoon to burrow deep into American telecommunications companies and steal data about U.S. calls.
The FBI, Director of National Intelligence Avril Haines, Federal Communications Commission Chair Jessica Rosenworcel, the National Security Council and the Cybersecurity and Infrastructure Security Agency were among the participants in the closed-door briefing, officials told Reuters.
Democratic Senator Ron Wyden told reporters after the briefing he was working to draft legislation on this issue, while Senator Bob Casey said he had "great concern" about the breach and added it may not be until next year before Congress can address the issue.
Republican Senator Rick Scott expressed frustration with the briefing. "They have not told us why they didn't catch it; what they could have done to prevent it."
Separately, a Senate Commerce subcommittee will hold a Dec. 11 hearing on Salt Typhoon and how "security threats pose risks to our communications networks, and review best practices." The hearing will include Competitive Carriers Association CEO Tim Donovan.
There is growing concern about the size and scope of the reported Chinese hacking into U.S. telecommunications networks and questions about when companies and the government can assure Americans over the matter.
A U.S. official told reporters a large number of Americans' metadata has been stolen in the sweeping cyber espionage campaign, adding dozens of companies across the world had been hit by the hackers, including "at least" eight telecommunications and telecom infrastructure firms in the United States.
"The extent and depth and breadth of Chinese hacking is absolutely mind-boggling -- that we would permit as much as has happened in just the last year is terrifying," said Senator Richard Blumenthal.
Incoming FCC (BME:FCC) Chair Brendan Carr said Wednesday he will work "with national security agencies through the transition and next year in an effort to root out the threat and secure our networks."
U.S. officials have previously alleged the hackers targeted Verizon (NYSE:VZ), AT&T (NYSE:T), T-Mobile, Lumen and others and stole telephone audio intercepts along with a large tranche of call record data.
T-Mobile said it does not believe hackers got access to its customer information. Lumen said there is no evidence customer data was accessed on its network.
Verizon CEO Hans Vestberg, AT&T CEO John Stankey, Lumen CEO Kate Johnson and T-Mobile took part in a Nov. 22 White House meeting on the issue.
Verizon said "several weeks ago, we became aware that a highly sophisticated, nation-state actor accessed several of the nation’s telecom company networks, including Verizon" adding the incident was focused on a very small subset of individuals in government and politics.
AT&T said it is "working in close coordination with federal law enforcement, industry peers and cyber security experts to identify and remediate any impact on our networks."
Chinese officials have previously described the allegations as disinformation and said Beijing "firmly opposes and combats cyber attacks and cyber theft in all forms."
CISA told reporters on Tuesday that it could not offer a timetable for ridding America's telecom networks of all hackers.
"It would be impossible for us to predict when we'll have full eviction," CISA official Jeff Greene said.