Congressman August Pfluger (TX-11), Chairman of the House Committee on Homeland Security's Subcommittee on Counterterrorism and Intelligence, questioned private sector cybersecurity professionals during a full-committee hearing titled, “Unconstrained Actors: Assessing Global Cyber Threats to the Homeland.”

The witnesses included Adam Meyers, Senior Vice President of Counter Adversary Operations at CrowdStrike; retired Rear Admiral Mark Montgomery, U.S. Navy, Senior Director of the Center on Cyber and Technology Innovation at the Foundation for Defense of Democracies; Brandon Wales, Vice President of Cybersecurity Strategy at SentinelOne; and Kemba Walden, President at Paladin Global Institute. Read the witnesses testimonies HERE.

Prior to his line of questioning, Chairman Pfluger highlighted the importance of being prepared for cyber threats, saying in part, “I appreciate this hearing and I will get right into it. When you look back at [cyberthreats such as] Volt Typhoon, Storm-0558, Salt Typhoon, and the list goes on and on, I am obviously worried about critical infrastructure not just in my own district that includes energy production, but also that of which affects every other aspect of our lives.”

Watch Chairman Pfluger question the witnesses on the government's response to Salt Typhoon (a CCP-linked group that spent ample time hacking critical U.S. telecoms), the need for one lead government agency to address cyber threats, and what potential threats keep the witnesses up at night that we need to be prepared for HERE.

Watch the hearing in its entirety HERE.

Background:

During the hearing, Chairman Pfluger mentioned his legislation called the Securing Every Vector, Enhancing Networks (SEVEN) Act, to strengthen America's defenses against cyber threats targeting the Signaling System 7 (SS7) telecommunications protocol, and urged its markup in committee this Congress. The legislation aims to address these vulnerabilities by coordinating efforts across the government and creating a task force of cybersecurity experts to develop solutions.

When the legislation was introduced last Congress, Chairman Pfluger stated, “Our adversaries around the globe are exploiting vulnerabilities in the digital backbone of our telecommunications infrastructure to spy on everyday Americans. The SEVEN Act will ensure the safety of U.S. networks by establishing a dedicated task force to address this issue head-on. We must act swiftly to protect our national security.”

SS7 is a global telecommunication protocol that facilitates call routing, billing, and messaging. It is a crucial backbone of modern communication systems but has significant vulnerabilities. Hackers with access to a SS7-specific license (known as a “Global Title”) can exploit SS7 to intercept calls, read messages, and track locations. In June, Reps. Pfluger and Weber sent a letter to the Federal Communications Commission and the Cybersecurity and Infrastructure Security Agency (CISA). This letter was prompted by a CISA employee’s claim that unauthorized attempts to access user location data through SS7 and related protocols have occurred in the U.S. By addressing these vulnerabilities, the SEVEN Act seeks to protect Americans' communications and bolster national security.