Salt Typhoon still reverberating: Salt Typhoon impacted major carriers including AT&T, Charter Communications, Consolidated Communications, Lumen Technologies, T-Mobile, Verizon, and Windstream. But law enforcement and intelligence agencies caution that its impact is far more widespread, exposing at least 200 US organizations, plus entities in 80 other countries.According to federal investigations, the attack allowed the Chinese government to record phone calls, geolocate millions of individuals, and target specific individuals including the US president and vice president. The group initially exploited the routers of telecom providers, using the devices and trusted connections to move into other networks and, among other actions, access information on wiretap systems used by federal law enforcement.Salt Typhoon is “one of the worst cyberattacks in history,” said US Senator Maria Cantwell, ranking member of the Senate Committee on Commerce, Science and Transportation, who strongly opposed the ruling’s reversal.FCC Commissioner Anna M. Gomez, the only FCC member who voted against the decision, noted that the move “will leave Americans less protected than they were the day the Salt Typhoon breach was discovered.”
Reversal ‘leaves the country less secure’: The January Declaratory Ruling was the “only concrete federal regulatory action” taken in response to the Salt Typhoon attack, she noted. The attempt by the Chinese-backed group will not be the last, she emphasized; in fact, without stronger security controls, it will also “not be the last successful one.””The FCC leaves the country less secure at the very moment when these threats are increasing,” said Gomez.Senator Cantwell pointed out that the reversal has come after “heavy lobbying” to reverse it from the very telecom providers targeted by Salt Typhoon. She had previously demanded that CEOs at Verizon and AT&T document how they were remediating exploits that “deeply penetrated their networks,” but they have failed to provide this information.”I am concerned that [the FCC] move to drop cybersecurity requirements on carriers is part of a pattern of weakness on national security issues,” Cantwell argued.Beauceron’s Shipley was less measured in his criticism of the reversal. He called it “shockingly incompetent,” particularly in light of how much damage Chinese nation state hackers have done in the telecommunication sector over the past two years. Hopefully, Congress will step in, he said.Ultimately, he said, “I would struggle to find a dumber idea than rolling back the cyber security standards for telecommunications providers.”
First seen on csoonline.com
Jump to article: www.csoonline.com/article/4094745/fcc-reversal-removes-federal-cyber-safeguards-targeting-telecom-weaknesses-post-salt-typhoon-attacks.html
