The U.S. federal government is reversing crucial cybersecurity mandates for telecom providers, aimed at safeguarding critical infrastructure in the wake of the Salt Typhoon attacks. The Federal Communications Commission (FCC) has withdrawn a January 2025 ruling that required telecom companies to implement and certify enhanced cybersecurity measures as mandated by the Communications Assistance for Law Enforcement Act (CALEA).
This reversal has drawn severe criticism from security experts and even from the FCC’s own commissioner, who called the decision "shockingly incompetent," indicating its potential to severely undermine national cybersecurity.
The Salt Typhoon attacks, revealed in October 2024, had compromised significant U.S. communication companies, allowing hackers to access core systems and sensitive information related to high-ranking officials. The January ruling aimed to hold telecom carriers accountable for securing their networks against unauthorized access and mandated annual certifications of cybersecurity risk management plans.
Despite these intentions, the FCC now claims that the original ruling was flawed and misinterpreted CALEA. They argue that telecom providers have made strides in fortifying their cybersecurity following the Salt Typhoon incident, asserting that these companies have engaged in extensive efforts to enhance their protections and mitigate cyber risks.
However, critics, including U.S. Senator Maria Cantwell, emphasize that the FCC’s reversal makes the country more vulnerable, particularly highlighting the influence of lobbying from the same telecom companies targeted by the Salt Typhoon attacks. Cantwell voiced concerns regarding the failure of major carriers to disclose how they are addressing the vulnerabilities that were exploited by cyber attackers.
Commissioner Anna M. Gomez, the only FCC member to oppose the decision, emphasized that this rollback detracts from the security measures put in place after the Salt Typhoon breach and stresses the growing threats that necessitate increased cybersecurity.
In summary, the FCC’s decision is viewed by many as a significant step backward in the fight against cyber threats. Critics warn that lax security regulations not only endanger telecom infrastructure but also pose risks to a broader range of organizations and national interests.
Welcome to DediRock, your trusted partner in high-performance hosting solutions. At DediRock, we specialize in providing dedicated servers, VPS hosting, and cloud services tailored to meet the unique needs of businesses and individuals alike. Our mission is to deliver reliable, scalable, and secure hosting solutions that empower our clients to achieve their digital goals. With a commitment to exceptional customer support, cutting-edge technology, and robust infrastructure, DediRock stands out as a leader in the hosting industry. Join us and experience the difference that dedicated service and unwavering reliability can make for your online presence. Launch our website.