Four senators are urging the Department of Homeland Security to reinstate a review body created during the Biden administration to probe the causes of major cybersecurity incidents.
Democrats Mark Warner of Virginia, Richard Blumenthal of Connecticut, Elissa Slotkin of Michigan and Ron Wyden of Oregon asked DHS Secretary Kristi Noem on Friday to restore the Cyber Safety Review Board, dissolved in January in an effort to eliminate “misuse of resources” in alignment with Trump 2.0 priorities to make the federal government more efficient.
The move halted an ongoing CSRB investigation into the Salt Typhoon hacks, which involved a wide-ranging Chinese infiltration into a number of telecom providers in the U.S. and around the world. The hackers targeted the communications of a number of high-profile people, including people tied to President Donald Trump and Vice President JD Vance, when they likely exploited American providers’ “lawful intercept” wiretap request systems.
CSRB, which typically has 20 members from both the private sector and government, also investigated a separate Chinese hack into the Microsoft email inboxes of major officials around the summer of 2023, as well as the SolarWinds hack discovered about four years ago.
“When building cyber security capabilities, the software and IT ecosystem benefits tremendously from transparent, accessible, and rigorous research and forensics,” the senators wrote. “Against the backdrop of repeated insistence by this Administration on the need to leverage private sector and external expertise in government, the decision to dismantle this successful collaboration between the federal government and the private sector is particularly confounding.”
A DHS spokesperson did not immediately return a request for comment.
CSRB has faced criticism regarding its effectiveness, transparency and objectivity.
Member selection criteria is not entirely clear, one Republican lawmaker recently argued, adding that the opacity may allow industry members to curry favor with the Cybersecurity and Infrastructure Security Agency. That would potentially lead to conflicts of interest, especially if members are in positions to investigate competitors.
In late April, at the RSAC Conference in San Francisco, CrowdStrike co-founder Dmitri Alperovich — who was a member on the panel — said the board was unsustainable in its current form. During its Salt Typhoon investigation, some telecom companies became nervous about sharing information and told CISA they would not share details about the incident because the CSRB was part of CISA, he said, arguing that a new version of the board needs subpoena power to legally compel companies to speak about incidents.
Troy Edgar, the deputy secretary of Homeland Security, said in his February confirmation hearing that the board would be “reconstituted at the right time” and that it was “going in the wrong direction.”
