Threat Intel Solutions

#### [Security](/security/)Salt Typhoon forces FCC’s hand on making telcos secure their networks=====================================================================Proposal pushes stricter infosec safeguards after Chinese state baddies expose vulns————————————————————————————[Dan Robinson](/Author/Dan-Robinson ‘Read more by this author’) Fri 6 Dec 2024 // 18:27 UTC [](https://www.reddit.com/submit?url=https://www.theregister.com/2024/12/06/salt_typhoon_fcc_proposal/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dreddit&title=Salt%20Typhoon%20forces%20FCC%27s%20hand%20on%20making%20telcos%20secure%20their%20networks) [](https://twitter.com/intent/tweet?text=Salt%20Typhoon%20forces%20FCC%27s%20hand%20on%20making%20telcos%20secure%20their%20networks&url=https://www.theregister.com/2024/12/06/salt_typhoon_fcc_proposal/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dtwitter&via=theregister) [](https://www.facebook.com/dialog/feed?app_id=1404095453459035&display=popup&link=https://www.theregister.com/2024/12/06/salt_typhoon_fcc_proposal/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dfacebook) [](https://www.linkedin.com/shareArticle?mini=true&url=https://www.theregister.com/2024/12/06/salt_typhoon_fcc_proposal/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dlinkedin&title=Salt%20Typhoon%20forces%20FCC%27s%20hand%20on%20making%20telcos%20secure%20their%20networks&summary=Proposal%20pushes%20stricter%20infosec%20safeguards%20after%20Chinese%20state%20baddies%20expose%20vulns) [](https://api.whatsapp.com/send?text=https://www.theregister.com/2024/12/06/salt_typhoon_fcc_proposal/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dwhatsapp) The head of America’s Federal Communications Commission (FCC) wants to force telecoms operators to tighten network security in the wake of the Salt Typhoon revelations, and to submit an annual report detailing measures taken.Jessica Rosenworcel, outgoing chair of the US telecoms regulator, has proposed rules that would require the nation’s carriers to safeguard their infrastructure against illicit access or interception of communications in an effort to bolster them against cyberattacks.The proposal centers on a draft Declaratory Ruling that puts a new interpretation on section 105 of the Communications Assistance for Law Enforcement Act (CALEA) as requiring telcos to take action to lock down their networks. This particular legislation was passed 30 years ago during the presidency of Bill Clinton and ensures telcos have the ability to comply with wiretapping requests from law enforcement. Section 105 requires a carrier to make certain that any interception of communications can only be carried out with lawful authorization.  The FCC also wants these network service providers to submit an annual certification attesting they have created, updated, and implemented a cybersecurity risk management plan.’The cybersecurity of our nation’s communications critical infrastructure is essential to promoting national security, public safety, and economic security,’ Rosenworcel said in a statement. ‘As technology continues to advance, so do the capabilities of adversaries, which means the US must adapt and reinforce our defenses.’ If adopted, the Declaratory Ruling would take effect immediately, according to the FCC. The agency is to also seek comment on security risk management requirements for communications providers, as well as other ways to boost the resilience of communications systems and services.The urgent call for action follows discovery that China-backed cyber baddies entirely compromised telecommunications infrastructure in the US and elsewhere via the so-called months-long Salt Typhoon campaign which affected at least eight operators in the US alone.* [Microsoft: Another Chinese cyberspy crew targeting US critical orgs ‘as of yesterday’](https://www.theregister.com/2024/12/06/chinese_cyberspy_us_data/)* [T-Mobile US CSO: Spies jumped from one telco to another in a way ‘I’ve not seen in my career’](https://www.theregister.com/2024/12/05/tmobile_cso_telecom_attack/)* [Salt Typhoon’s surge extends far beyond US telcos](https://www.theregister.com/2024/11/27/salt_typhoons_us_telcos/)* [China has utterly pwned ‘thousands and thousands’ of devices at US telcos](https://www.theregister.com/2024/11/25/salt_typhoon_mark_warner_warning/)It was reported last month that a great many devices within US telcos were targeted by the attackers, allowing them to establish a persistent presence that may require the replacement of ‘[literally thousands and thousands and thousands](https://www.theregister.com/2024/11/25/salt_typhoon_mark_warner_warning/)’ of switches and routers.The attackers are believed to have [compromised the wiretapping systems](https://www.theregister.com/2024/10/11/us_lawmakers_salt_typhoon/) used by law enforcement in at least some instances, hence the focus on the CALEA legislation being taken by the FCC to address the issue.It isn’t just the US alone that is affected, as *The Reg* [reported](https://www.theregister.com/2024/11/27/salt_typhoons_us_telcos/) at the end of November. The same vulnerabilities which left American telecoms networks wide open to foes are likely replicated worldwide and are a result of [regulatory failures](https://www.theregister.com/2024/12/02/telco_security_opinion/) and a lax attitude to security by companies.The situation is so dire the US Cybersecurity and Infrastructure Security Agency (CISA) issued guidance this week including [advice on using encrypted messaging](https://www.nbcnews.com/tech/security/us-officials-urge-americans-use-encrypted-apps-cyberattack-rcna182694) to protect information — a notable shift from governments constantly [trying to erode encryption](https://www.theregister.com/2023/04/18/wrong_time_to_weaken_encryption/) so they can snoop on communications themselves. ® [Sponsored: When the going gets tough, the tough get rugged](https://go.theregister.com/tl/3108/shttps://www.theregister.com/2024/11/18/when_the_going_gets_tough/) Share [](https://www.reddit.com/submit?url=https://www.theregister.com/2024/12/06/salt_typhoon_fcc_proposal/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dreddit&title=Salt%20Typhoon%20forces%20FCC%27s%20hand%20on%20making%20telcos%20secure%20their%20networks) [](https://twitter.com/intent/tweet?text=Salt%20Typhoon%20forces%20FCC%27s%20hand%20on%20making%20telcos%20secure%20their%20networks&url=https://www.theregister.com/2024/12/06/salt_typhoon_fcc_proposal/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dtwitter&via=theregister) [](https://www.facebook.com/dialog/feed?app_id=1404095453459035&display=popup&link=https://www.theregister.com/2024/12/06/salt_typhoon_fcc_proposal/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dfacebook) [](https://www.linkedin.com/shareArticle?mini=true&url=https://www.theregister.com/2024/12/06/salt_typhoon_fcc_proposal/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dlinkedin&title=Salt%20Typhoon%20forces%20FCC%27s%20hand%20on%20making%20telcos%20secure%20their%20networks&summary=Proposal%20pushes%20stricter%20infosec%20safeguards%20after%20Chinese%20state%20baddies%20expose%20vulns) [](https://api.whatsapp.com/send?text=https://www.theregister.com/2024/12/06/salt_typhoon_fcc_proposal/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dwhatsapp) #### More about* [China](/Tag/China/)* [FCC](/Tag/FCC/)* [Telecommunications](/Tag/Telecommunications/) More like these × ### More about* [China](/Tag/China/)* [FCC](/Tag/FCC/)* [Telecommunications](/Tag/Telecommunications/) ### Narrower topics* [5G](/Tag/5G/)* [AT-&T](/Tag/AT%26T/)* [British Telecom](/Tag/British%20Telecom/)* [China Mobile](/Tag/China%20Mobile/)* [China telecom](/Tag/China%20telecom/)* [China Unicom](/Tag/China%20Unicom/)* [Comcast](/Tag/Comcast/)* [Cyberspace Administration of China](/Tag/Cyberspace%20Administration%20of%20China/)* [EE](/Tag/EE/)* [Emergency Services Network](/Tag/Emergency%20Services%20Network/)* [Ericsson](/Tag/Ericsson/)* [Great Firewall](/Tag/Great%20Firewall/)* [Hong Kong](/Tag/Hong%20Kong/)* [Information Technology and the People’s Republic of China](/Tag/Information%20Technology%20and%20the%20People%27s%20Republic%20of%20China/)* [JD.com](/Tag/JD.com/)* [Mobile Network](/Tag/Mobile%20Network/)* [National Broadband Network](/Tag/National%20Broadband%20Network/)* [NTT](/Tag/NTT/)* [Orange](/Tag/Orange/)* [Semiconductor Manufacturing International Corporation](/Tag/Semiconductor%20Manufacturing%20International%20Corporation/)* [Shenzhen](/Tag/Shenzhen/)* [Telecommunications Act of 1996](/Tag/Telecommunications%20Act%20of%201996/)* [TETRA](/Tag/TETRA/)* [Uyghur Muslims](/Tag/Uyghur%20Muslims/)* [Verizon](/Tag/Verizon/)* [Vodafone](/Tag/Vodafone/)* [Voice over IP](/Tag/Voice%20over%20IP/) ### Broader topics* [APAC](/Tag/APAC/)* [Sector](/Tag/Sector/) #### More aboutShare [](https://www.reddit.com/submit?url=https://www.theregister.com/2024/12/06/salt_typhoon_fcc_proposal/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dreddit&title=Salt%20Typhoon%20forces%20FCC%27s%20hand%20on%20making%20telcos%20secure%20their%20networks) [](https://twitter.com/intent/tweet?text=Salt%20Typhoon%20forces%20FCC%27s%20hand%20on%20making%20telcos%20secure%20their%20networks&url=https://www.theregister.com/2024/12/06/salt_typhoon_fcc_proposal/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dtwitter&via=theregister) [](https://www.facebook.com/dialog/feed?app_id=1404095453459035&display=popup&link=https://www.theregister.com/2024/12/06/salt_typhoon_fcc_proposal/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dfacebook) [](https://www.linkedin.com/shareArticle?mini=true&url=https://www.theregister.com/2024/12/06/salt_typhoon_fcc_proposal/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dlinkedin&title=Salt%20Typhoon%20forces%20FCC%27s%20hand%20on%20making%20telcos%20secure%20their%20networks&summary=Proposal%20pushes%20stricter%20infosec%20safeguards%20after%20Chinese%20state%20baddies%20expose%20vulns) [](https://api.whatsapp.com/send?text=https://www.theregister.com/2024/12/06/salt_typhoon_fcc_proposal/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dwhatsapp) POST A COMMENT #### More about* [China](/Tag/China/)* [FCC](/Tag/FCC/)* [Telecommunications](/Tag/Telecommunications/) More like these × ### More about* [China](/Tag/China/)* [FCC](/Tag/FCC/)* [Telecommunications](/Tag/Telecommunications/) ### Narrower topics* [5G](/Tag/5G/)* [AT-&T](/Tag/AT%26T/)* [British Telecom](/Tag/British%20Telecom/)* [China Mobile](/Tag/China%20Mobile/)* [China telecom](/Tag/China%20telecom/)* [China Unicom](/Tag/China%20Unicom/)* [Comcast](/Tag/Comcast/)* [Cyberspace Administration of China](/Tag/Cyberspace%20Administration%20of%20China/)* [EE](/Tag/EE/)* [Emergency Services Network](/Tag/Emergency%20Services%20Network/)* [Ericsson](/Tag/Ericsson/)* [Great Firewall](/Tag/Great%20Firewall/)* [Hong Kong](/Tag/Hong%20Kong/)* [Information Technology and the People’s Republic of China](/Tag/Information%20Technology%20and%20the%20People%27s%20Republic%20of%20China/)* [JD.com](/Tag/JD.com/)* [Mobile Network](/Tag/Mobile%20Network/)* [National Broadband Network](/Tag/National%20Broadband%20Network/)* [NTT](/Tag/NTT/)* [Orange](/Tag/Orange/)* [Semiconductor Manufacturing International Corporation](/Tag/Semiconductor%20Manufacturing%20International%20Corporation/)* [Shenzhen](/Tag/Shenzhen/)* [Telecommunications Act of 1996](/Tag/Telecommunications%20Act%20of%201996/)* [TETRA](/Tag/TETRA/)* [Uyghur Muslims](/Tag/Uyghur%20Muslims/)* [Verizon](/Tag/Verizon/)* [Vodafone](/Tag/Vodafone/)* [Voice over IP](/Tag/Voice%20over%20IP/) ### Broader topics* [APAC](/Tag/APAC/)* [Sector](/Tag/Sector/) #### TIP US OFF[Send us news](https://www.theregister.com/Profile/contact/)[#### China has utterly pwned ‘thousands and thousands’ of devices at US telcosSenate Intelligence Committee chair says his ‘hair is on fire’ as execs front the White HouseCyber-crime11 days -| 51](/2024/11/25/salt_typhoon_mark_warner_warning/?td=keepreading) [#### Telco security is a dumpster fire and everyone’s getting burnedOpinion The politics of cybersecurity are too important to be left to the politiciansSecurity4 days -| 61](/2024/12/02/telco_security_opinion/?td=keepreading) [#### Trump’s pick to run the FCC has told us what he plans: TikTok ban, space broadband, and Section 230 reformLoathes Big Tech and is not at all keen on net neutralityPublic Sector18 days -| 123](/2024/11/19/brendan_carr_fcc/?td=keepreading) [#### An easy route to AI-enhanced productivityHow the integration of Google Gemini across Google Workspace turbo charges existing apps with AI powerSponsored Feature](/2024/10/07/an_easy_route_to_aienhanced/?td=keepreading) [#### Beijing wants Chinese outfits to seek alternatives to US siliconAnd American components may be in short supply as Middle Kingdom bans rare earth exportsPublic Sector2 days -| 22](/2024/12/05/china_stop_buying_us_chips_advice/?td=keepreading) [#### Musk and Trump to fall out in 2025, predicts analystCanalys Forums APAC Differing China tech policy agendas will send bromance into ‘it’s complicated’ statusAI + ML2 days -| 157](/2024/12/04/musk_trump_china_agenda/?td=keepreading) [#### Chinese cyberspies, Musk’s Beijing ties, labelled ‘real risk’ to US security by senatorMeet Liminal Panda, which prowls telecom networks in South Asia and AfricaCSO16 days -| 32](/2024/11/20/musk_chinese_cyberspies/?td=keepreading) [#### China launches first next-gen Long March 12 rocket, christens private spaceportWon’t scare SpaceX as it’s not reusable, but will help Beijing do things like launch broadband satsScience5 days -| 3](/2024/12/02/china_long_march_12_launch/?td=keepreading) [#### China’s tech giants deliver chips for Ethernet variant tuned to HPC and AI workloads’Global Scheduling Ethernet’ looks a lot like tech the Ultra Ethernet Consortium is also working onNetworks11 days -| 1](/2024/11/26/global_scheduling_ethernet_china_uec/?td=keepreading) [#### T-Mobile US CSO: Spies jumped from one telco to another in a way ‘I’ve not seen in my career’interview Security chief talks to El Reg as Feds urge everyone to use encrypted chatCSO2 days -| 51](/2024/12/05/tmobile_cso_telecom_attack/?td=keepreading) [#### Trump tariffs transform into bigger threats for Mexico, Canada than ChinaAmerica’s neighbors now face 25% because of fentanyl and immigration, China just 10% on top of existing dutiesSystems10 days -| 275](/2024/11/26/trump_tariffs_mexico_canada/?td=keepreading) [#### Telco engineer who spied on US employer for Beijing gets four years in the clinkProvides insight to how China gets inside US systems, perhaps at Verizon and InfosysCyber-crime10 days -| 15](/2024/11/27/telco_spy_beijing_jailed/?td=keepreading)

Related Tags:
NAICS: 48 – Transportation

NAICS: 921 – Executive

Legislative

Other General Government Support

NAICS: 54 – Professional

Scientific

Technical Services

NAICS: 517 – Telecommunications

NAICS: 541 – Professional

Scientific

Technical Services

NAICS: 518 – Computing Infrastructure Providers

Data Processing

Web Hosting

Related Services

NAICS: 92 – Public Administration

NAICS: 51 – Information

NAICS: 928 – National Security And International Affairs

Associated Indicators: