
Salt Typhoon Cyberattack Prompts Action from FCC, CISA, FBI, and More

 Instant alert - Privacy and Cybersecurity

A recent attack by Chinese hacking group “Salt Typhoon” hit major U.S. telecommunications providers and exposed Americans’ call record metadata. Following this attack, the FCC and other agencies have taken steps to help telecommunications providers secure their networks and prevent future attacks. 

On December 4, the U.S. government disclosed that a large number of Americans’ metadata was stolen in a cyberespionage campaign run by Chinese hacking group “Salt Typhoon.” The attack hit at least eight telecommunications/telecommunications infrastructure firms in the U.S. The call record metadata Salt Typhoon was able to access included information such as who individuals called, how long the calls were, and where the callers called from. The group is alleged to have been searching for corporate intellectual property and targeting high-ranking government officials such as Kamala Harris and Donald Trump. Investigators are still assessing the full scope of the attack.

Following the announcement of the breach, various agencies have taken steps to help combat telecommunications vulnerabilities. The FCC proposed a Declaratory Ruling confirming that telecommunications carriers are legally obligated to take steps to secure their networks against hackers under the Communications Assistance for Law Enforcement Act. If adopted, the Declaratory Ruling would take effect immediately. The FCC also published a Notice of Proposed Rulemaking that would require telecommunications providers to make an annual attestation certifying that they have a cybersecurity risk management plan in place and are complying with such plan.

Interagency guidance co-signed by CISA, the FBI, the NSA, and government partners from Australia, Canada, and New Zealand offers network defenders of communications infrastructure a list of best practices “to strengthen their visibility and harden their network devices against successful exploitation.” This guidance focuses on increasing visibility, hardening systems and devices through access controls and disabling VPNs, and recognizing and addressing vulnerabilities specific to frequently targeted vendors.

Most recently, CISA recommended that senior government officials adhere to a series of best practices when using mobile devices, including immediately switching to end-to-end encrypted messaging and communications.

Authored by Nathan Salminen, Emma Kotfica
