Senator Wyden Reminds White House Feckless Regulators Have Resulted In Pathetic Security On U.S. Wireless Networks
While countless lawmakers looking to get on cable TV spent much of the last few years freaking out about TikTok privacy issues, none of those same folks seem bothered by the parade of nasty vulnerabilities in the nation's telecom networks.
Hackers are still happily exploiting the SS7 flaw that lets governments and bad actorsspy on wireless users around the planet. There's a constant drumbeat of location data scandals that keep revealing how your granular location data is being soldto any nitwit with a nickel. And then there's the nonexistent privacy and security standards in theinternet of broken things or satellite communications networks.
In a new letter sent to the White House, Senator Ron Wyden notes that the steady rush toward mindless deregulation of U.S. telecom has had a negative impact on overall security, particularly on U.S. wireless networks. That, in turn, has been exploited by a growing roster of hacking companies that sell largely untraceable phone hacking tools at ever increasing scale, notes Wyden:
These phone company hacking services exploit flaws in two obscure technologies, known as
Diameter and Signaling System 7 (SS7). These two technologies are used by wireless carriers
around the world to deliver text messages between phone companies, and for roaming by their customers traveling abroad. For the last decade, cybersecurity researchers and investigative journalists have highlighted how wireless carriers' failure to secure their networks against rogue SS7 and Diameter requests for customer data has been exploited by authoritarian governments to conduct surveillance."
Wyden singles out the FCC's consistent failure to set even minimum cybersecurity standards for
wireless carriers like AT&T, T-Mobile, and Verizon. The FCC has, as we've often noted, steadily had its authority, staff, and resources chipped away by industry to the point where the agency is often purely decorative, and routinely unwilling to stand up to telecom giants on any issue of note.
At the same time, Wyden notes that CISA is actively hiding information about it from the American people," making it tougher to even understand the scale of the problem. His office recommended that the FCC, CISA and NSA all work in concert to shore up U.S. security standards, using the UK Telecommunications Security Code of Practice as a model.
We probably won't do any of that, because you get more attention and cable TV news appearances as an FCC official if you purposelessly hyperventilate about stuff like TikTok. Not only are many FCC officials not doing their basic jobs, they're actively undermining the few things the FCC does attempt to accomplish (like formally recognizing racism in broadband deployment), all to the benefit of industry.