Senator Ben Ray Lujan (D-NM), chair of the Senate Subcommittee on Communications, Media and Broadband, made an impassioned plea on Wednesday afternoon to his colleagues to ensure passage of language to fully fund Rip and Replace in the lame-duck session of Congress. He said the Salt Typhoon hacks into major U.S. telecoms show that “even the biggest carriers are vulnerable.”
“One thing we can do is get foreign equipment out of our networks,” said Lujan. “Rip & Replace has remained partially unfunded for years, opening up our networks to threats.” Lujan and witnesses at a hearing on communications network safety stressed the need to keep bad actors out of every point in the communications infrastructure supply chain.
“The Rip & Replace program should have been complete this July,” testified Competitive Carriers Association President/CEO Tim Donovan. “The situation is dire. Significant amounts of covered equipment and services remain in place today because of insufficient funding.”
“Rural telecommunications providers, especially in Western states, are being forced to decide where to remove equipment but not replace it,” said Donovan. He testified that this “eliminates service both to a carrier’s own subscribers as well as millions of Americans who roam onto their networks for connectivity, including for 911 and emergency services.” He called the decisions “agonizing” for Rip & Replace members “because they live in the communities they serve.”
Donovan also urged lawmakers to pass funding for Rip & Replace, noting “our carriers need federal partners in the fight with us,” against what he called “endless security whack a mole.” He urged more cooperation between carriers on the issue as well.
Discussing the communication network hacks more broadly, Dr. James Mulvenon, Chief Intelligence Officer at Pamir Consulting, and other witnesses said China, Russia, Iran and North Korea will continue trying to infiltrate U.S. communications networks unless the U.S. gets tough. “I expect in the incoming administration we’ll see a new bias towards offense in pushing back.”
Incoming Senate Commerce, Science & Transportation Chair Ted Cruz (R-TX) said cyber attacks from state-sponsored actors “represent a grave threat,” calling them “highly sophisticated and relentless.” He predicted the Salt Typhoon cyber attack “will not be the last. We must plug [vulnerabilities] in all communications networks.”
James Lewis, Senior Vice President and Director of the Technology and Public Policy Program at the Center for Strategic and International Studies, said the U.S. needs to engage with the Chinese regulatory personnel and “tell them this is unacceptable. You’ve gone too far and if this doesn’t stop we will take action.”
He recommended that the U.S. National Security Agency or other federal cybersecurity personnel need to develop a plan. “Then tell the Chinese ‘We’re not kidding.’ Warn them, then take action,” Lewis told lawmakers.
Lewis said until recently, telecoms he spoke with had no plans to use O-RAN, saying it was unreliable, but now that’s beginning to change. Lewis and Mulvenon agreed that going from a closed system where carriers are tied to limited suppliers to an open source system like O-RAN where they have more vendor choices would be good. “By getting China out of our supply chain I think we’ll be better off,” said Lewis.
By Leslie Stimson, Inside Towers Washington Bureau Chief
Reader Interactions