Senate Passes Wyden Bill to Release Unclassified Report on Phone Network Security Threats
CISA has Ignored Multiple Requests to Release Vital Information; Following China’s Salt Typhoon Hack of US Networks, Americans Deserve to See Unclassified Report
Washington, D.C. – U.S. Senator Ron Wyden, D-Ore., today unanimously passed legislation requiring the release of an unclassified report containing important details about U.S. telephone network security.
“Congress and the American people deserve to read this report. It includes frankly shocking details about national security threats to our country’s phone system that require immediate action,” Wyden said on the Senate floor on Monday.
Wyden took to the Senate floor following years of inaction by phone companies and the federal government on the security of our phone networks, which has enabled foreign governments to repeatedly spy on Americans, threatening U.S. national security. Most notably the 2024 hack of several U.S. communications companies, including Verizon and AT&T, by a Chinese government hackers dubbed Salt Typhoon, which tapped the calls of President Trump, Vice President Vance, and scores of other federal officials, reportedly tracked the locations of millions of Americans, and reportedly stole phone call records about a vast number of Americans.
Wyden has repeatedly asked the Cybersecurity and Infrastructure Security Agency (CISA) to release the unclassified report, titled “U.S. Telecommunications Insecurity 2022,” but was stonewalled by the agency.
“CISA’s multi-year cover up of the phone companies’ negligent cybersecurity enabled foreign hackers to perpetrate one of the most serious cases of espionage — ever — against our country. Had this report been made public when it was first written in 2022, Congress would have had ample time to require mandatory cybersecurity standards for phone companies, in time to prevent the Salt Typhoon hacks,” Wyden said.
CISA’s top telecommunications security expert filed a whistleblower report with the Federal Communications Commission (FCC) in May 2024. Citing his access to non-public reports and other “very concerning information,” the CISA official told the FCC that “there have been numerous incidents of successful, unauthorized attempts to access the network user location data of communications service providers operating in the USA.” He added that foreign surveillance went beyond location tracking and included “the monitoring of voice and text messages” and “the delivery of spyware to targeted devices.”
Earlier this year, Wyden placed a hold on Sean Plankey, the nominee to lead the Cybersecurity and Infrastructure Security Agency, until CISA releases the report. In 2018 the Department of Homeland Security released details about cell phone surveillance devices, known as cell-site simulators or Stingrays, that had been detected near sensitive locations in and around Washington, D.C., including the White House, after Wyden placed a hold on a DHS nominee.
The bill now goes to the House of Representatives for consideration.
###
Next Article Previous Article
