FCC orders telecoms to secure their networks after Salt Tyhpoon hacks
The Federal Communications Commission (FCC) has ordered U.S. telecommunications carriers to secure their networks following last year's Salt Typhoon security breaches.
Today's action comes after FCC Chairwoman Jessica Rosenworcel said in early December that the FCC would act "urgently" to require U.S. carriers to secure their systems from cyberattacks.
"We now have a choice to make. We can turn the other way and hope this threat goes away. But hope is not a plan," Rosenworcel said on Friday. "In light of the vulnerabilities exposed by Salt Typhoon, we need to take action to secure our networks. The time to take this action is now. We do not have the luxury of waiting."
The Commission adopted a declaratory ruling that "takes effect immediately," finding that section 105 of the Communications Assistance for Law Enforcement Act (CALEA) requires telecom companies to secure their networks from communications interception and unlawful access.
The FCC also wants to strengthen communications against future cyberattacks by requiring telecoms to submit annual certifications confirming that they have an up-to-date cybersecurity risk management plan. Additionally, it seeks comment on other ways to strengthen the cybersecurity of communications systems and services.
"The FCC's Declaratory Ruling and Notice of Proposed Rulemaking is a critical step to require U.S. telecoms to improve cybersecurity to meet today's nation state threats, including those from China's well-resourced and sophisticated offensive cyber program," National Security Advisor Jake Sullivan added.
The Salt Typhoon telecom breaches
CISA and the FBI confirmed the hacks in late October following reports that the Salt Typhoon Chinese hacking group had breached the networks of multiple telcos, including Verizon, AT&T, and Lumen Technologies. Throughout this campaign, the threat actors accessed the U.S. law enforcement's wiretapping platform and compromised the "private communications" of a "limited number" of U.S. government officials.
Anne Neuberger, the White House's deputy national security adviser for cyber and emerging technologies, told reporters that the hackers breached nine U.S. carriers (including Windstream, Charter, and Consolidated Communications) and telecom companies in dozens of other countries.
AT&T, Verizon, and Lumen announced on December 30 that they had evicted the Salt Typhoon hackers from their networks. However, this happened after the Chinese hackers accessed targeted individuals' text messages, voicemails, and phone calls.
T-Mobile also disclosed in November that unknown attackers breached some of its routers in a network reconnaissance attempt after connecting from a linked wireline provider's network. However, Jeff Simon, the company's Chief Security Officer, didn't link the incident to Salt Typhoon and said T-Mobile's cyber defenses stopped the attack.
In response to these breaches, U.S. authorities reportedly plan to ban China Telecom's last active operations in the United States. They're also considering banning TP-Link routers if an ongoing investigation shows their use in cyberattacks poses a national security risk.
Microsoft starts force upgrading Windows 11 22H2, 23H3 devices
Microsoft fixes Office 365 apps crashing on Windows Server systems
CVE-2024-20439 Cisco Smart Licensing Utility Static Credential Vulnerability
CVE-2025-2783 Google Chromium Mojo Sandbox Escape Vulnerability
CVE-2019-9874 Sitecore CMS and Experience Platform (XP) Deserialization Vulnerability
CVE-2019-9875 Sitecore CMS and Experience Platform (XP) Deserialization Vulnerability
CVE-2025-30154 reviewdog/action-setup GitHub Action Embedded Malicious Code Vulnerability
CVE-2025-1316 Edimax IC-7100 IP Camera OS Command Injection Vulnerability
CVE-2024-48248 NAKIVO Backup and Replication Absolute Path Traversal Vulnerability
CVE-2017-12637 SAP NetWeaver Directory Traversal Vulnerability
CVE-2025-24472 Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability
Free online web security scanner