Efforts to Secure US Telcos Beset by Salt Typhoon Might Fall Flat
The rules necessary to secure US communications have already been in place for 30 years, argues Sen. Wyden, the FCC just hasn't enforced them. It's unclear if they will help.
Coverage examines reports on Salt Typhoon, an alleged intrusion set, including infrastructure, disruption, and defensive guidance.
Search across headline titles and summaries.
Background for this topic.
Salt Typhoon is a name used by security researchers and government agencies for a suspected intrusion set linked in public reporting to compromises of telecommunications and other communications infrastructure. Reported incidents have involved access to provider networks and systems that could expose subscriber information, call-detail records, or communications-related data; the scope and attribution of individual cases remain subject to investigation.
The main security concern is prolonged access to high-value network environments, including internet-facing appliances, administrative systems, and monitoring or lawful-intercept infrastructure. Telecommunications operators and connected organizations should inventory and promptly patch exposed devices, restrict management access, enforce multifactor authentication, segment sensitive systems, rotate potentially exposed credentials, and retain authentication and network telemetry for threat hunting. Investigations should examine persistence and lateral movement rather than treating removal of one account or device as sufficient. Because communications data is highly sensitive, suspected access also warrants careful privacy assessment, evidence preservation, and coordination with applicable disclosure and regulatory processes.
The rules necessary to secure US communications have already been in place for 30 years, argues Sen. Wyden, the FCC just hasn't enforced them. It's unclear if they will help.
Sen. Wyden blasts FCC's 'failure' amid Salt Typhoon hacks US telecoms carriers would be required to implement minimum cyber security standards and ensure their systems are not susceptible to hacks by nation-state attackers – like Salt Typhoon – under legislation proposed by senator Ron Wyden (D-OR).…
U.S. Senator Ron Wyden of Oregon announced a new bill to secure the networks of American telecommunications companies breached by Salt Typhoon Chinese state hackers earlier this year. [...]
No word yet on who was snooped on. Any bets? Chinese cyberspies recorded "very senior" US political figures' calls, according to White House security boss Anne Neuberger.…