Inadequate public pressure complicates push for stronger US telecom cyber rules

Multiple federal and state officials said that a lack of public concern about Chinese state-backed hacking group Salt Typhoon's hacking campaign against telecommunications firms across the U.S. has been slowing down efforts to bolster the sector's cybersecurity regulations, CyberScoop reports.

Two years after Salt Typhoon compromised at least 10 U.S. telecommunications companies and gained broad access to phone data affecting millions of Americans, officials say the campaign has been difficult to convey as a top concern to the public, unlike fellow Chinese hacking group Volt Typhoon's intrusions against electric grids and water treatment facilities. Some state and federal officials worry that the lack of interest could deprive policymakers of the public pressure needed to push stronger telecommunications cybersecurity measures. Experts noted telecom-focused espionage can seem abstract compared with attacks on critical infrastructure.

"It's maybe a little bit easier to write off a loss of data... and move on, as unfortunate but no big deal," said Mischa Beckett, GDIT's deputy chief information security officer and director of cyber threat intelligence.