Advertisement

Sen. Blumenthal wants FCC to get busy on telecom wiretap security rules

The subcommittee chair said the FCC has the ability to act now in response to Salt Typhoon targeting the 2024 presidential campaigns.
Listen to this article
0:00
Learn more. This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment.
Sen. Richard Blumenthal speaks on July 11 in Washington, D.C. (Photo by Bonnie Cash/Getty Images)

A top senator on Tuesday urged the Federal Communications Commission to begin writing rules that would create mandatory security standards for wiretapping systems embedded in the networks of telecommunications carriers.

The suggestion to act immediately from Sen. Richard Blumenthal, D-Conn., comes in response to Chinese hackers known as Salt Typhoon, targeting the phones of both 2024 presidential campaigns via the so-called “lawful access” program, which mandates that telecoms assist the U.S. government in its surveillance efforts. The hacking campaign has spurred considerable congressional interest.

It also comes after the election of Donald Trump for president and as his administration prepares to take over in January. But at a hearing of his Senate Judiciary Subcommittee on Privacy, Technology and the Law, Blumenthal said the issue is bipartisan and any rulemaking should continue into next year.

“Think of it for a moment: A foreign adversary attempted to wiretap both presidential campaigns during this past election,” he said at the hearing. “We’re still learning each week about how sprawling and catastrophic this hacking campaign was. What we know now, and it’s publicly known, should galvanize action now. We need to ensure that these specific types of hacks will never happen again.”

Advertisement

Adam Meyers, senior vice president of the cybersecurity firm CrowdStrike, said hackers who infiltrate the lawful access program could collect call times, call contents, text message traffic, where a call is coming from and whom a target is with — opening up the ability to then target those additional parties.

“The lawful intercept rules that are present for lawful purposes, if there’s a warrant or other means for law enforcement to collect information, is a gold mine for a foreign threat actor,” he told Blumenthal’s panel.

The FCC should also launch an investigation, Blumenthal said. The commission reportedly requested a briefing from national security officials on the Salt Typhoon intrusions, but a spokesperson declined to comment last week on whether it received that briefing.

“The FCC has the legal authority, right now it has the power, to set and enforce security standards,” Blumenthal said.

Blumethal’s urging is an echo of other calls last month for the FCC to take up those security standards. The extent to which the Trump administration will embrace minimum critical infrastructure security standards, though, is unclear.

Latest Podcasts