FCC Flashes a Help Signal

The Federal Communications Commission (FCC) has proposed immediate measures to strengthen the cybersecurity of US telecommunications infrastructure in response to the Salt Typhoon cyberespionage campaign allegedly linked to China.

• As reported in this channel last month, Salt Typhoon was behind several successful breaches of telecommunication service providers in the U.S., including Verizon, AT&T, Lumen Technologies, and T-Mobile,  stealing vast quantities of metadata and call records.

• Salt Typhoon also managed to tap into the private communications of some U.S. government officials and stole information related to court-authorized wiretapping requests.

• Announced earlier today, the FCC initiative includes a draft Declaratory Ruling that mandates telecom carriers to secure networks against unauthorized access under section 105 of the Communications Assistance for Law Enforcement Act (CALEA).

• The proposal requires service providers to submit annual certifications to the FCC, ensuring they have created, updated, and implemented a cybersecurity risk management plan to strengthen communications from future cyberattacks.

• The Commission aims to establish a robust framework for network security and threat response by requiring communications service providers to submit annual certifications of their cybersecurity plans, and will accept public input on expanding risk management requirements across a broad spectrum of communications providers

• Notably, experts warn of is that smaller providers may face resource constraints in compliance

• The proposals come after revelations of Salt Typhoon's extensive cyber intrusions, targeting US telecommunications networks and

• Top US security agencies, including the FBI, CISA, and NSA, briefed senators on the scope of the Salt Typhoon campaign, and US senators have called for legislative action, citing gaps in cybersecurity readiness.

• Telecom giants like Verizon and AT&T have collaborated with federal agencies to assess and remediate network vulnerabilities, and the attack has reignited concerns about Chinese cyber activities and their implications for US security and commerce.

• Of course, experts warn that addressing vulnerabilities may take years, emphasizing the need for swift yet comprehensive action to secure America's digital infrastructure.

For more information read here: https://www.csoonline.com/article/3605085/us-says-china-conducted-massive-espionage-through-breached-telcos.html?utm_date=20241115165619&utm_campaign=CSO%20US%20First%20Look&utm_content=slotno-1-title-US%20says%20China%20conducted%20massive%20espionage%20through%20breached%20telcos&utm_term=CSO%20US%20Editorial%20Newsletters&utm_medium=email&utm_source=Adestra&huid=