Overview
- The Senate Commerce telecommunications subcommittee met Dec. 2 to review Salt Typhoon breaches and the FCC’s November move to rescind newly issued cybersecurity regulations.
- FCC Chair Brendan Carr, supported by Sens. Ted Cruz and Deb Fischer, defended withdrawing rules on legal obligations and annual cybersecurity plan attestations as rushed and ineffective, favoring voluntary collaboration.
- Former FCC public safety chief Debra Jordan urged a verification regime to ensure providers implement basic cyber hygiene, arguing voluntary pledges lack accountability.
- Sen. Maria Cantwell said major carriers declined to provide remediation documentation and cited unpatched systems, weak passwords, and absent multifactor authentication as key entry points.
- Witnesses and reports described Salt Typhoon as an ongoing national‑security risk that compromised at least nine U.S. networks, with UPI reporting data theft targeting President Donald Trump and Vice President JD Vance during the 2024 campaign, as Sen. Ben Ray Luján also criticized dismantling the Cyber Safety Review Board.