The top Democrat on the Senate Commerce Committee urged the Federal Communications Commission on Tuesday to halt its plan to eliminate cybersecurity measures that were adopted in the aftermath of the major Salt Typhoon cyber intrusion that penetrated U.S. telecommunications networks last year.
Senator Maria Cantwell of Washington called on FCC Chair Brendan Carr to cancel the scheduled vote to overturn a January decision that interpreted federal law as requiring telecommunications carriers to protect their systems from unlawful access or intercepted communications.
That same decision warned that carriers might be violating federal obligations if they failed to implement key cybersecurity safeguards.
Cantwell defended the ruling, calling it “a commonsense acknowledgement that providers are responsible for protecting public safety against cybersecurity threats.”
Related story: Hackers Linked to Nation-State Breach U.S. Telecom Firm Ribbon Communications
Background on the FCC’s January Decision
A spokesperson for Carr, who was appointed by former Republican President Donald Trump, did not immediately comment.
When the FCC was led by Democrat Jessica Rosenworcel in January, the agency also released a proposed rule seeking feedback on potential detailed cybersecurity requirements.
Senator Ben Ray Lujan of New Mexico has stated that China’s activities likely represent “the largest telecommunications hack in our nation’s history.”
Hackers targeted companies including Verizon, AT&T, and Lumen, among others. The Salt Typhoon operation, linked to Chinese actors, was part of a sweeping, years-long espionage effort that also reached the Army National Guard network of one U.S. state.
Cantwell noted that Salt Typhoon enabled the Chinese government to “geolocate millions of individuals” and “record phone calls at will,” describing the breach as one that reached nearly every American. China has denied involvement.
Growing Tensions Over the FCC’s Planned Reversal
Cantwell criticized the move to overturn the cybersecurity ruling, writing, “You have now proposed to reverse this requirement after heavy lobbying from the very telecommunications carriers whose networks were breached by Chinese hackers.”
AT&T and Verizon did not immediately comment. Carr has said the FCC intends to rescind the ruling and withdraw the proposed rule following recent discussions with telecom providers, who he says agreed to take actions to protect national security.
The agency argued that the earlier decision was “legally erroneous and ineffective at promoting cybersecurity,” and expressed support for a more targeted approach to improving network protections.
Cantwell also raised concerns about Carr’s position on other national security issues.
She noted that “after helping lead the movement during the Biden administration to require that TikTok divest of Chinese influence,” he has remained quiet as the Trump administration delayed enforcement of the 2023 law until January 20 to allow the divestiture process to proceed.
Read next: UK Hacker Behind 2020 Twitter Breach Ordered to Repay $5.4 Million in Bitcoin