Chinese-sponsored groups are using the popular Brickstorm backdoor to access and gain persistence in government and tech firm networks, part of the ongoing effort by the PRC to establish long-term footholds in agency and critical infrastructure IT environments, according to a report by U.S. and Canadian security offices.
Two Trump-appointed FCC officials voted to undo the telecom industry's cybersecurity rules. One Democratic commissioner dissented, saying the decision leaves the United States "less safe" at a time when threats are increasing.
The Federal Communications Commission is set this week to vote on reversing cybersecurity rules for telecommunications providers that were put forward following the sweeping “Salt Typhoon” hacks.
The FCC’s meeting on Thursday includes plans to consider an order to rescind a ruling and proposed rules published in the waning days of the Biden administration. The January ruling requires telecom operators to secure their networks under Section 105 of the Communications Assistance for Law Enforcement Act.
But current FCC Chairman Brendan Carr argues that ruling “exceeded the agency’s authority and did not present an effective or agile response to the relevant cybersecurity threats.”
The proposed order would rescind the January ruling and withdraw proposed cybersecurity rules for telecom operators.
The FCC “should instead continue to pursue an agile and collaborative approach to cybersecurity through federal-private partnerships that protect and secure communications networks and more targeted, legally sound rulemaking and enforcement,” according to a factsheet on the order of reconsideration.
“Worst” hack ever
The Salt Typhoon campaign was revealed in 2024. It involved penetrating hacks into U.S. telecom networks and others across the globe. The hackers were reportedly able to target the communications of political figures and government officials, including then-candidate Donald Trump and running mate JD Vance.
U.S. officials have said Chinese government-sponsored hackers are behind the campaign. Senate Intelligence Committee Ranking Member Mark Warner (D-Va.) has described it as “the worst telecommunications hack in our nation’s history.”
The Cybersecurity and Infrastructure Security Agency has since said the Salt Typhoon campaign overlapped with global threat activities targeting multiple sectors, including telecommunications, government, transportation, lodging, and military infrastructure networks.
“While these actors focus on large backbone routers of major telecommunications providers, as well as provider edge (PE) and customer edge (CE) routers, they also leverage compromised devices and trusted connections to pivot into other networks,” CISA wrote in a September advisory. “These actors often modify routers to maintain persistent, long-term access to networks.”
In rolling out the January rules, Biden administration officials argued they represented a “critical step to require U.S. telecoms to improve cybersecurity to meet today’s nation state threats, including those from China’s well-resourced and sophisticated offensive cyber program.”
However, the FCC’s current leadership says the rules misinterpreted the law and “unnecessarily raised and purported to resolve issues that were not appropriate for consideration in the absence of public input.” The FCC’s factsheet also references the commission’s “recent engagement with providers and their agreement to take extensive steps to protect national security interests.”
In an October letter to the FCC, lawyers representing several telecom associations argued that the January ruling “would significantly undermine” public-private partnerships. They argued that telecom providers had voluntarily collaborated with federal agencies to investigate Salt Typhoon and adopted stronger cybersecurity measures.
Warner and Sen. Ron Wyden (D-Ore.) are also pressing the Department of Homeland Security to release an unclassified 2022 report on security vulnerabilities in the U.S. telecom sector. They argue that by not releasing the report, DHS is undermining public debate over how to best secure telecom networks in the wake of Salt Typhoon.
“The Salt Typhoon compromise represents one of the most serious espionage campaigns against the communications of U.S. government leaders in history, and highlighted important gaps in our nation’s communications security – in some cases, with providers ignoring basic security precautions such as credential re-use across network appliances and failure to adopt multi-factor authentication for highly privileged network administrator accounts,” Warner and Wyden wrote in a recent letter to DHS and the Office of the Director of National Intelligence.
Meanwhile, the House on Monday passed the “Strengthening Cyber Resilience Against State-Sponsored Threats Act.” The bill would establish a joint interagency task force to address China-linked cyber threats, including Salt Typhoon. The task force would be led by CISA, with involvement from the Justice Department, the FBI and several sector-risk management agencies.
The China-linked Salt Typhoon APT group attacked a European telecom via a Citrix NetScaler vulnerability in July 2025, Darktrace reports. This follows past US Army and telecom breaches.