Cybersecurity

Fcc Rolls Back Cybersecurity Rules For Telcos, Despite...

2025-11-21 0 views admin
Fcc Rolls Back Cybersecurity Rules For Telcos, Despite...

The Federal Communications Commission (FCC) has rolled back a previous ruling that required U.S. telecom carriers to implement stricter cybersecurity measures following the massive hack from the Chinese threat group known as Salt Typhoon.

The ruling came in January 2025 and took effect immediately under the Communications Assistance for Law Enforcement Act (CALEA), in response to Salt Typhoon's breaching multiple carriers to spy on private communications.

Along with Section 105 of the CALEA, the declaratory ruling included a Notice of Proposed Rulemaking (NPRM) for telecom companies to:

Following lobbying from telecommunication firms - according to a letter from Senator Maria Cantwell, that found the new framework too cumbersome and taxing for their operations, the FCC has now deemed the prior rule inflexible, retracting it.

“The Federal Communications Commission today took action to correct course and rescind an unlawful and ineffective prior Declaratory Ruling misconstruing the Communications Assistance for Law Enforcement Act (CALEA),” reads the FCC announcement.

“The Order also withdraws an NPRM that accompanied that Declaratory Ruling, which was based in part on the Declaratory Ruling’s flawed legal analysis and proposed ineffective cybersecurity requirements.”

The FCC, which is now under new leadership, noted that communications service providers have taken important steps to strengthen their cybersecurity posture following the Salt Typhoon incidents, and have agreed to continue along this path in a coordinated manner, reducing risks to national security.

Disclosed in October 2024, the Salt Typhoon attacks were linked to a Chinese espionage campaign that impacted several companies, including Verizon, AT&T, Lumen Technologies [1], T-Mobile [2], Charter Communications, Consolidated Communications [3], and Windstream [4].

The hackers accessed core systems that U.S. federal government used for court-authorized network wiretapping requests, and potentially intercepted extremely sensitive information, up to the level of government officials.

Given that the risk for similar hacker operations remains unchanged, the FCC’s latest decision was met with criticism.

Source: BleepingComputer

🏷️ Tags

cybersecuritysecurityhackbreachattack

More from Cybersecurity

Update: Attackers Exploit Zero-day In End-of-life D-link Routers 2026

Update: Attackers Exploit Zero-day In End-of-life D-link Routers 2026

2026-01-07 0
Critical Jspdf Flaw Lets Hackers Steal Secrets Via Generated Pdfs - Complete Guide

Critical Jspdf Flaw Lets Hackers Steal Secrets Via Generated Pdfs - Complete Guide

2026-01-07 0
Phishers Exploit Office 365 Users Who Let Their Guard Down 2026 - Analysis

Phishers Exploit Office 365 Users Who Let Their Guard Down 2026 - Analysis

2026-01-07 0
Breaking: Logitech Options+, G Hub Macos Apps Break After Certificate Expires

Breaking: Logitech Options+, G Hub Macos Apps Break After Certificate Expires

2026-01-07 0

Trending

1

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

2025-10-27 • 189 views
2

CVE-2025-43939: Dell Unity OS Command Injection (High)

2025-10-30 • 148 views
3

Google disputes false claims of massive Gmail data breach

2025-10-30 • 130 views
4

Microsoft: DNS outage impacts Azure and Microsoft 365 services

2025-10-30 • 88 views
5

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting

2025-11-25 • 81 views