- FCC revokes cybersecurity rules for telecom companies
- These protections were put in place after the network intrusion by the Chinese threat actor Salt Typhoon
- The Trump administration is removing regulations across the industry
The Republican-led Federal Communications Commission (FCC) has voted to remove measures implemented in the wake of the Salt Typhoon attack.
The mandated protections required carriers to put in place basic security controls and network protections — and encouraged cooperation among the major network providers to protect consumers and national security.
The Salt Typhoone attacks saw threat actors lurking inside US telecommunications networks for up to a year – exfiltrating data in one of the largest cyber espionage campaigns on record.
‘Neither legal nor effective’
The FCC voted to revoke the ruling, arguing that it was “ineffective because it was neither responsive to the nature of the relevant cybersecurity threats nor consistent with the agile and collaborative approach to cybersecurity that has proven successful,” the commission documents note.
FCC members argue that telecom companies are voluntarily strengthening their cybersecurity and hardening their networks against intrusions, so the rules are an onerous legal burden on companies that are already doing the work.
Secretary Marlene Dortch said the safeguards ruling “applies the same inflexible, overarching cybersecurity requirements to all telecommunications companies, regardless of their risk, size or organizational posture.”
“This vague and amorphous standard risks imposing costly new burdens on many providers that are either not relevant to the potential threats they face or are redundant because those providers may already employ sufficient cybersecurity practices to reasonably reduce the risk of successful exploits by the most sophisticated threat actors,” she wrote.
The move follows a predictable pattern in a Trump administration that has repeatedly illustrated its deprioritization of online protection, having already decimated government cybersecurity services through layoffs and reassignments within CISA.
The administration has also demonstrated its goals of deregulation, particularly in the tech industry — even going so far as to override state laws to dismantle existing protections for consumers of AI to give AI companies more freedoms.
Via The record
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
