Chinese intelligence has successfully infiltrated email accounts belonging to congressional staff members serving on influential House panels, according to findings detailed in a Financial Times report. The breach represents another chapter in an extensive cyber espionage endeavor identified as Salt Typhoon.
Beijing’s intelligence apparatus gained entry to electronic correspondence systems utilized by certain personnel working for the House China committee, along with assistants supporting the foreign affairs panel, intelligence oversight body, and armed services group, based on information from individuals with knowledge of the security violation. Investigators uncovered the unauthorized access in December.
These intrusions constitute the most recent development in a persistent cyber offensive against American telecommunications infrastructure conducted by the Ministry of State Security, which serves as China’s primary intelligence organization. One source briefed on the breach indicated uncertainty remains about whether the MSS obtained direct access to lawmakers’ personal email communications.
The Ministry of State Security has maintained Salt Typhoon operations for multiple years. This sophisticated surveillance mechanism provides Beijing with the capability to intercept unencrypted telephone conversations, text messages, and voicemail recordings of virtually every citizen in the United States. In certain instances, the system grants access to electronic mail accounts.
Salt Typhoon has successfully captured communications of high-ranking American officials during the previous two years, according to individuals familiar with the espionage operation.
Mark Warner, who holds the position of senior Democrat on the Senate intelligence panel, expressed bewilderment in December that Salt Typhoon had not generated greater public concern. “Unless you’re on an encrypted device, they can pick any one of us,” Warner told the Defense Writers Group.
Jake Sullivan, who served as national security adviser under former president Joe Biden, told the Financial Times following his departure from the White House that telecommunications corporations in the United States remained “highly vulnerable” to Salt Typhoon.
This surveillance campaign exists as just one component of numerous cyber espionage initiatives undertaken by Chinese intelligence services and the People’s Liberation Army that focus on American critical infrastructure.
During 2024, the FBI alongside other federal agencies announced that a Chinese government-backed hacking organization known as Volt Typhoon had successfully compromised energy networks, transportation systems, and communications infrastructure throughout the United States in ways that would provide advantages to China during any potential military confrontation with America.
Telecommunications companies operating in the United States have taken minimal action to defend against Salt Typhoon because implementing robust network security would require enormous financial investment. Warner stated in December that American networks face particular susceptibility because their construction occurred during an era when cyber security threats were not considered a pressing issue.
The Treasury Department had prepared to implement economic sanctions targeting MSS entities responsible for Salt Typhoon in December, but officials reversed that decision after concerns emerged that punitive measures might undermine the diplomatic rapprochement that Presidents Donald Trump and Xi Jinping established in October.
The four congressional committees targeted by the MSS operation refused to provide comment.
The Chinese embassy located in the United States rejected the accusations regarding Salt Typhoon. Liu Pengyu, serving as the embassy spokesperson, stated the following. “We firmly oppose the US side making unfounded speculation and accusations, using cyber security to smear and slander China, and spreading all kinds of disinformation about the so-called Chinese hacking threats.”
The breach underscores an urgent need for American policymakers to prioritize cyber defense infrastructure rather than continuing to allocate disproportionate resources toward conventional military capabilities designed for conflicts that increasingly resemble last century’s warfare. As digital espionage campaigns demonstrate the ability to compromise national security without firing a single shot, the gap between where threats actually exist and where defense spending flows continues to widen dangerously.
