FCC Proposes New Cybersecurity Rules for Telecom Companies After Chinese Hack

The Salt Typhoon hacking campaign has exposed vulnerabilities in U.S. telecom networks, prompting the FCC to push for stricter security measures and annual compliance certifications.

• The Federal Communications Commission has proposed a rule requiring telecom companies to implement cybersecurity plans and submit annual certifications to confirm compliance.
• The move follows revelations of a prolonged hacking campaign, dubbed Salt Typhoon, allegedly carried out by Chinese state-sponsored actors targeting U.S. telecom networks.
• At least eight telecom providers, including AT&T, Verizon, and Lumen, were reportedly infiltrated, with some attacks linked to the 2024 U.S. presidential campaigns.
• Deputy National Security Advisor Anne Neuberger stated the hackers have been active for one to two years, though no classified communications are believed to have been compromised.
• If adopted, the FCC’s rule would enable financial penalties for companies failing to secure their networks, marking the first use of federal wiretapping law for such enforcement.

3 Articles

The Verge Washington Post