The FCC announced it is creating a national security council to improve US defenses against Chinese cyber-attacks and in an effort to “[win] the strategic competition with China over critical technologies” such as 5G, AI, and quantum computing.
The new FCC chair Brendan Carr said he was establishing the council to focus on the “persistent and constant threats from foreign adversaries, particularly the Chinese Communist party”.
“These bad actors are always exploring ways to breach our networks, devices, and technology ecosystem. It is more important than ever that the FCC remain vigilant and protect Americans and American companies from these threats,” Carr said.
Carr also mentioned that the council would “pull resources from a variety of FCC organizations” and target mitigating US vulnerabilities to cyber-attacks, espionage and surveillance and reducing supply chain dependence on adversarial states.
The new council is expected to shift focus from individual Chinese entities to a more sectoral approach due to US loopholes, such as a Chinese group changing its name, that allowed threat actors to circumvent punitive actions.
“The US side, instead of playing up the so-called ‘China threat’, should adopt an objective and rational perception of China. It needs to work with China, under the principles of mutual respect, peaceful coexistence and win-win co-operation, for stable, sound and sustainable development of China-US relations,” said Liu Pengyu, the embassy spokesperson, in learning of the new council.
Evan Dornbush, former NSA cybersecurity expert had this to say:
The FCC announcement to build a China-focused response capability is only a few days old, so it may be too early to understand the first-order tactics (and their effectiveness). This is a bold step. The FCC owns the airwaves, and with so much technology leveraging wireless, from drones using GNSS, to cellular networks using foreign-made 5G routing, to mesh networks coordinating over the managed spectrum, it’s clear the FCC is crucially placed to have impact.
This also gives the FCC a “stick” to match its “carrot”. Over the summer when US telecom carriers revealed that the lawful intercept systems they are obligated to operate (due to CALEA, which is managed by FCC), were exposed to foreign adversaries. The resulting action? Congress gave a $3B hand out to “rip and replace” foreign-manufactured equipment. With that gone, telcos still have vast exposure from old legacy equipment likely vulnerable to both known and zero-day exploits.
What might it take for these companies to upgrade? The new authorities could increase audits and inspections. It could increase stricter fines or other penalties.
And this stick could apply to areas other than telcos. It is common practice for foreign companies to white label through US shell entities to get around various disclosures and other restrictions pertaining to license applications. Tightening up the authorization process to trace the supply chain can perturb aggressors trying to preposition deeply embedded malware.
The Chinese are clearly a threat as demonstrated by their past actions. Thus anything that can be done to counter that threat is a good thing in my mind.
Like this:
Like Loading...
Related
This entry was posted on March 14, 2025 at 8:39 am and is filed under Commentary with tags FCC. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
FCC creates council to counter Chinese threats
The FCC announced it is creating a national security council to improve US defenses against Chinese cyber-attacks and in an effort to “[win] the strategic competition with China over critical technologies” such as 5G, AI, and quantum computing.
The new FCC chair Brendan Carr said he was establishing the council to focus on the “persistent and constant threats from foreign adversaries, particularly the Chinese Communist party”.
“These bad actors are always exploring ways to breach our networks, devices, and technology ecosystem. It is more important than ever that the FCC remain vigilant and protect Americans and American companies from these threats,” Carr said.
Carr also mentioned that the council would “pull resources from a variety of FCC organizations” and target mitigating US vulnerabilities to cyber-attacks, espionage and surveillance and reducing supply chain dependence on adversarial states.
The new council is expected to shift focus from individual Chinese entities to a more sectoral approach due to US loopholes, such as a Chinese group changing its name, that allowed threat actors to circumvent punitive actions.
“The US side, instead of playing up the so-called ‘China threat’, should adopt an objective and rational perception of China. It needs to work with China, under the principles of mutual respect, peaceful coexistence and win-win co-operation, for stable, sound and sustainable development of China-US relations,” said Liu Pengyu, the embassy spokesperson, in learning of the new council.
Evan Dornbush, former NSA cybersecurity expert had this to say:
The FCC announcement to build a China-focused response capability is only a few days old, so it may be too early to understand the first-order tactics (and their effectiveness). This is a bold step. The FCC owns the airwaves, and with so much technology leveraging wireless, from drones using GNSS, to cellular networks using foreign-made 5G routing, to mesh networks coordinating over the managed spectrum, it’s clear the FCC is crucially placed to have impact.
This also gives the FCC a “stick” to match its “carrot”. Over the summer when US telecom carriers revealed that the lawful intercept systems they are obligated to operate (due to CALEA, which is managed by FCC), were exposed to foreign adversaries. The resulting action? Congress gave a $3B hand out to “rip and replace” foreign-manufactured equipment. With that gone, telcos still have vast exposure from old legacy equipment likely vulnerable to both known and zero-day exploits.
What might it take for these companies to upgrade? The new authorities could increase audits and inspections. It could increase stricter fines or other penalties.
And this stick could apply to areas other than telcos. It is common practice for foreign companies to white label through US shell entities to get around various disclosures and other restrictions pertaining to license applications. Tightening up the authorization process to trace the supply chain can perturb aggressors trying to preposition deeply embedded malware.
The Chinese are clearly a threat as demonstrated by their past actions. Thus anything that can be done to counter that threat is a good thing in my mind.
Share this:
Like this:
Related
This entry was posted on March 14, 2025 at 8:39 am and is filed under Commentary with tags FCC. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.