
The Federal Communications Commission (FCC) has issued immediate orders requiring U.S. telecommunications carriers to strengthen their network security following the extensive Salt Typhoon cyber attacks. FCC Chairwoman Jessica Rosenworcel emphasized the urgency of this action, implementing a declaratory ruling under section 105 of the Communications Assistance for Law Enforcement Act (CALEA).
Key Security Measures:
– Mandatory network protection against unauthorized access and interception
– Annual cybersecurity risk management plan certifications
– Enhanced communications system security protocols
Impact of Salt Typhoon Breaches:
– Nine major U.S. carriers compromised, including Verizon, AT&T, and Lumen Technologies
– Access gained to law enforcement wiretapping platforms
– Compromise of government officials’ private communications
– Multiple international telecom companies affected
Corporate Response:
– AT&T, Verizon, and Lumen confirmed removal of hackers by December 30
– T-Mobile reported and successfully defended against a separate network reconnaissance attempt
Government Actions:
– Plans to ban China Telecom’s remaining U.S. operations
– Potential ban on TP-Link routers pending security investigation results
– Support from National Security Advisor Jake Sullivan for strengthened cybersecurity measures
The FCC’s ruling represents a significant step toward protecting U.S. telecommunications infrastructure against sophisticated nation-state cyber threats, particularly those originating from China’s cyber operations.