US senators vow action after briefing on Chinese Salt Typhoon telecom hacking
By: David Shepardson and Richard Cowan (Reuters via Yahoo Finance)
So, the government can force people to buy electric appliances, install solar panels on new construction, buy insurance of all types, censor our language, force participation in DEI cultural celebrations, and micro-manage what we can buy. But government cannot force telecoms to adopt the simple security measure of including encryption in their services?
Why doesn't Congress require all electronic operating systems to include a VPN and data encryption? That's certainly possible; Russian software companies have sold that type of software. Yes, an encrypted bit of data can be cracked. But the crack won't work on all data.
The need for system-wide encryption is becoming more urgent as OS vendors attempt to force use of cloud storage to create a revenue stream. The arguments by intelligence agencies that personal security adversely affects national security has been invalidated by the growing severity of security breeches. The current situation is that the government is not protecting our communications and data and the government is actively opposing private means to protect our communications and data. Under the current governmental policy environment, only criminals and the affluent can protect themselves.
S E E D E D C O N T E N T
WASHINGTON (Reuters) -U.S. government agencies held a classified briefing for all senators on Wednesday on China's alleged efforts known as Salt Typhoon to burrow deep into American telecommunications companies and steal data about U.S. calls.
The FBI, Director of National Intelligence Avril Haines, Federal Communications Commission Chair Jessica Rosenworcel, the National Security Council and the Cybersecurity and Infrastructure Security Agency were among the participants in the closed-door briefing, officials told Reuters.
Democratic Senator Ron Wyden told reporters after the briefing he was working to draft legislation on this issue, while Senator Bob Casey said he had "great concern" about the breach and added it may not be until next year before Congress can address the issue.
Republican Senator Rick Scott expressed frustration with the briefing. "They have not told us why they didn't catch it; what they could have done to prevent it."
Separately, a Senate Commerce subcommittee will hold a Dec. 11 hearing on Salt Typhoon and how "security threats pose risks to our communications networks, and review best practices." The hearing will include Competitive Carriers Association CEO Tim Donovan.
There is growing concern about the size and scope of the reported Chinese hacking into U.S. telecommunications networks and questions about when companies and the government can assure Americans over the matter.
A U.S. official told reporters a large number of Americans' metadata has been stolen in the sweeping cyber espionage campaign, adding dozens of companies across the world had been hit by the hackers, including "at least" eight telecommunications and telecom infrastructure firms in the United States.
"The extent and depth and breadth of Chinese hacking is absolutely mind-boggling -- that we would permit as much as has happened in just the last year is terrifying," said Senator Richard Blumenthal.
Incoming FCC Chair Brendan Carr said Wednesday he will work "with national security agencies through the transition and next year in an effort to root out the threat and secure our networks."
U.S. officials have previously alleged the hackers targeted Verizon, AT&T, T-Mobile, Lumen and others and stole telephone audio intercepts along with a large tranche of call record data.
T-Mobile said it does not believe hackers got access to its customer information. Lumen said there is no evidence customer data was accessed on its network.
Verizon CEO Hans Vestberg, AT&T CEO John Stankey, Lumen CEO Kate Johnson and T-Mobile took part in a Nov. 22 White House meeting on the issue.
Verizon said "several weeks ago, we became aware that a highly sophisticated, nation-state actor accessed several of the nation's telecom company networks, including Verizon" adding the incident was focused on a very small subset of individuals in government and politics.
AT&T said it is "working in close coordination with federal law enforcement, industry peers and cyber security experts to identify and remediate any impact on our networks."
Chinese officials have previously described the allegations as disinformation and said Beijing "firmly opposes and combats cyber attacks and cyber theft in all forms."
CISA told reporters on Tuesday that it could not offer a timetable for ridding America's telecom networks of all hackers.
"It would be impossible for us to predict when we'll have full eviction," CISA official Jeff Greene said.
(Reporting by David Shepardson; editing by Jason Neely, Jonathan Oatis and Diane Craft)
Tags
Who is online
283 visitors
The remedy seems rather straightforward. A government imposed requirement to encrypt telecommunications and cloud storage would add a layer of protection for users and consumers. Is failure to require these simple protections driven by money? Or has the FBI become addicted to eavesdropping on phone sex?
Congress hasn't done anything to protect the American public in the past. The remedy is simple, easy to deploy, and will definitely improve security over shared networks. But, no, Congress will just scream at the sky, find scapegoats, and kick the can.
Why is anyone surprised? It's been known for years that nations spy on each other, and America is not exactly innocent either. This meme wasn't JUST a stroke of creativity.