US phone companies could face fines for weak security under a proposed new rule

  News, Rassegna Stampa
image_pdfimage_print

Following news that foreign hackers may still be in US telecom networks, the Federal Communications Commission proposed a new rule that would require telecom companies to secure their networks from “unlawful access or interception of communications.” It would also force providers to submit an annual certification to the FCC stating they have implemented a plan to counter cybersecurity threats.

On Wednesday, US officials recommended Americans use encrypted apps to make phone calls and texts in response to the ongoing infiltration of telecom networks linked to the Chinese hacking group Salt Typhoon. Deputy national security advisor Anne Neuberger confirmed that at least eight telecom providers have been impacted by the hack, as reported by Bleeping Computer.

“We cannot say with certainty that the adversary has been evicted because we still don’t know the scope of what they’re doing,” Neuberger said during a press briefing, Bleeping Computer reports. Neuberger added that the attack has been going on for “likely one to two years” but doesn’t “believe any classified communications has been compromised.”

If the FCC’s proposed rule is adopted, it will go into effect immediately.

“While the Commission’s counterparts in the intelligence community are determining the scope and impact of the Salt Typhoon attack, we need to put in place a modern framework to help companies secure their networks and better prevent and respond to cyberattacks in the future,” FCC Chair Jessica Rosenworcel said in the press release.

https://www.theverge.com/2024/12/5/24314330/fcc-telecom-security-rule-salt-typhoon-hack