Skip to main content
close search
site logo
Dive Brief

Sen. Wyden wants FCC to tighten security rules on telecom companies

The U.S. senator from Oregon wants the agency to strengthen rules requiring network operators to defend their systems and customers against intrusions.

Published Dec. 13, 2024
Matt Kapko's headshot
Senior Reporter
Sen. Ron Wyden, D-Ore.
Sen. Ron Wyden, D-Ore., speaks to reporters at the U.S. Capitol on Oct. 26, 2021, in Washington, D.C. Wyden proposed legislation requiring stricter cybersecurity rules for telecom operators on Dec. 10, 2024. Drew Angerer/Getty Images via Getty Images

Dive Brief:

  • Sen. Ron Wyden, D-Ore., proposed regulation requiring the Federal Communications Commission to impose stricter cybersecurity rules on telecom operators in the wake of a swarm of China-government sponsored attacks on U.S. telecom companies. Wyden introduced the Secure American Communications Act on Tuesday. 
  • “It was inevitable that foreign hackers would burrow deep into the American communications system the moment the FCC decided to let phone companies write their own cybersecurity rules,” Wyden said in a statement. “Telecom companies and federal regulators were asleep on the job and as a result, Americans’ calls, messages, and phone records have been accessed by foreign spies intent on undermining our national security.”
  • Wyden’s legislative effort follows FCC Chair Jessica Rosenworcel’s proposed rule changes that would require telecom operators to secure their networks and maintain cybersecurity risk management plans. President-elect Donald Trump last month said he plans to nominate Brendan Carr, a current commissioner, to run the FCC as chair after he takes office.

Dive Insight:

Lawmakers, regulators and government officials are scrambling to respond to China-sponsored threat groups’ coordinated and sustained campaign to infiltrate critical infrastructure. Cybersecurity largely remains a bipartisan issue and Wyden has long taken a special interest in security pitfalls and policies.

One of those groups, Salt Typhoon, compromised at least eight telecommunications providers or telecom infrastructure companies in the U.S., Anne Neuberger, deputy national security advisor for cyber and emerging technology, said last week.

The proposed act calls for the FCC to require telecom companies to adhere to security requirements to prevent the interception of communications or intrusions on network infrastructure.

The law would require telecom network operators to conduct annual tests to evaluate systems integrity, work with an independent auditor to assess compliance with FCC cybersecurity rules, and submit the findings from those tests and audits to the regulatory agency.

The law also compels the CEO and CISO of telecom carriers to sign a statement affirming the company is in compliance with the FCC’s cybersecurity rules.

The campaign to intrude telecom companies has been underway for up to two years and spans a few dozen countries. U.S. officials still don’t know the full extent of damages caused by attacks or what remains at risk.

“Congress needs to step up and pass mandatory security rules to finally secure our telecom system against an infestation of hackers and spies,” Wyden said.

Filed Under: Policy & Regulation

Editors' picks

Company Announcements

View all | Post a press release
Migliaccio and Rathod Investigates Byte Federal Data Breach
From Migliaccio and Rathod
December 12, 2024
Why Cybersecurity Leaders Trust the MITRE ATT&CK Evaluations
From Cynet Security
December 05, 2024
Only Cynet Delivers 100% Protection and 100% Detection Visibility in the 2024 MITRE ATT&CK Eva…
From Cynet Security
December 11, 2024
Chemonics International Data Breach Investigation
From Migliaccio & Rathod LLP
December 04, 2024
Editors' picks
Latest in Policy & Regulation
Industry Dive is an Informa TechTarget business.
© 2024 TechTarget, Inc. or its subsidiaries. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell
This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world's technology buyers and sellers. All copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.'s registered office is 275 Grove St. Newton, MA 02466.