FCC: Telecom Firms Must ‘Immediately’ Secure Networks Amid China Threats

The agency says that attacks from groups such as Salt Typhoon prompted the order requiring U.S. telecoms to implement stronger cybersecurity measures.

The Federal Communications Commission (FCC) issued an order to U.S. telecommunications providers Friday that requires immediate implementation of stronger cybersecurity measures, in the wake of recent China-linked cyberattacks.

Citing its interpretation of the Communications Assistance for Law Enforcement Act in 1994, the FCC said in a release that the statute “affirmatively requires telecommunications carriers to secure their networks from unlawful access or interception of communications.”

[Related: 10 Major Ransomware Attacks And Data Breaches In 2024]

The FCC order to U.S. telecoms “takes effect immediately,” the agency said.

The spate of recent attacks by “state-sponsored cyber actors from the People’s Republic of China” prompted the action, according to the FCC.

The release specifically mentions Salt Typhoon, a China-linked espionage group held responsible for a months-long compromise last year of as many as nine U.S.-based telecommunications firms.

Some U.S. government officials saw their communications compromised in connection with the attacks, which have been described as the worst telecom hack in U.S. history by Sen. Mark R. Warner.

Media outlets reported in October that the Salt Typhoon attacks had targeted the campaigns of both of the then-candidates for president, Donald Trump and Kamala Harris, as well as then-vice presidential nominee JD Vance.

In a notice included in connection with the order, the FCC said that Salt Typhoon’s attacks impacted “three of the nation’s largest service providers, reportedly gaining unauthorized access to information and network infrastructure crucial to lawful federal wiretap and data collection requests.”

The notice also pointed to incidents attributed to a China-linked group tracked as Flax Typhoon that compromised hundreds of thousands of routers, cameras and other devices with Internet connectivity.

“These breaches highlight vulnerabilities that could allow adversaries to intercept U.S. communications and exploit critical network infrastructure, representing a potentially catastrophic security breach designed to enhance intelligence collection capabilities while positioning to disrupt infrastructure operations through cyberattacks,” the FCC said in the notice.

The Salt Typhoon attacks had impacted carriers including Verizon and AT&T. Verizon said a week ago that the cyberattack linked to Salt Typhoon has definitively been “contained,” also disclosing that a “small percentage” of customer call records were compromised.

The attacks have also reportedly impacted T-Mobile, Charter Communications, Windstream and Consolidated Communications. T-Mobile said previously that sensitive data belonging to customers was not impacted in the campaign.

In September, in action unrelated to the China attacks, the FCC reached settlements with AT&T and T-Mobile over breaches in prior years, which included requirements for implementing cybersecurity upgrades.