- Salt Typhoon is widely believed to be the largest telecom hack in the nation’s history
- All of the major wireless carriers are affected, although T-Mobile said it nipped it in the bud early
- Lawmakers are trying to figure out how to prevent future attacks from happening – and open RAN is one avenue
Everyone is trying to figure out how to beef up security after Salt Typhoon – and open radio access network (RAN) technology could be one way to help thwart security attacks in the future.
That’s what witnesses told Senators on Wednesday during a hearing on the ramifications of and possible remedies for Salt Typhoon, which is believed to be the largest telecom hack in the nation’s history. Myriad U.S. telecom companies, including AT&T and Verizon, are victims of the Chinese espionage attack.
“There’s a lot that we still don’t know about the damage that was done by the Salt Typhoon hacks, but what we do know is that more must be done to prevent attacks like this in the future,” said Sen. Ben Ray Luján (D-New Mexico), chair of the subcommittee on Communications, Media and Broadband.
One obvious thing lawmakers can do in the near-term is to fully fund the Secure and Trusted Communications Networks Program, a.k.a. the rip-and-replace program, which calls for the removal of Chinese vendors Huawei and ZTE from telecom networks. The U.S. House of Representatives on Wednesday approved the National Defense Authorization Act (NDAA), which includes the $3 billion needed to make up for a long-standing funding shortfall. It’s now headed to the U.S. Senate.
Competitive Carriers Association President and CEO Tim Donovan, who was a witness at the Senate hearing, reiterated his confidence that the rip-and-replace program will get fully funded before the end of this year. He also gave a shout-out to open RAN, which, he said, can provide an alternative to Chinese suppliers while promoting competition and innovation.
It’s a ray of sunshine for the technology that has taken a beating this year. Dell’Oro Group analyst Stefan Pongratz this week concluded that open RAN tanked in 2024. EJL Wireless Research analyst Earl Lum earlier this year declared open RAN “mostly dead.”
Alternative to Huawei
But cybersecurity experts at Wednesday’s hearing were positive about the role open RAN can play in replacing Chinese gear.
One of the things that happened over the past 20 years is all of the American telecom vendors went out of business, in part because Huawei, with support from the Chinese government, undercut them on price, according to James Lewis of the Center for Strategic and International Studies.
Open RAN provides an opportunity to change the game and while it won’t immediately guarantee better security, it’s one way of keeping China out of the supply chain. Lewis said he regularly meets with a lot of phone company executives and he routinely asks them about their thoughts on open RAN. Until this year, a lot of them said they weren’t going to use it because it’s not reliable. But that’s starting to change, he said.
In a sense, open RAN provides a way out of the “Huawei trap,” according to James Mulvenon, chief intelligence officer at Pamir Consulting. For example, even when Huawei isn’t directly supplying equipment, it makes money from the sale of it because it’s involved in the 3GPP process where standards like 5G are developed. Huawei gets a percentage of royalties for the patents it supplies.
Open RAN is opening the door for other vendors. “The carriers were right for a number of years that open RAN wasn't as robust to be able to handle Tier 1 level traffic as the current standards were, but that's why we invested so much money in open RAN, to help it catch up,” Mulvenon said.
“Open RAN had a lot of work to do, but I would argue … that, in fact, open RAN is much more mature and robust right now and is a credible alternative for the carriers,” he added.
Indeed, AT&T is adding more vendors to its Ericsson-led transition to open RAN, with Mavenir and Fujitsu as radio suppliers. Verizon is introducing open RAN to more parts of its network and recently hired open RAN guru Santiago Tenorio as its chief technology officer. The leading U.S. carrier in open RAN, Boost Mobile this week pronounced a deal with Mavenir demonstrating interoperability between different open RAN radio vendors, proving that open RAN is not only viable but “thriving in real-world deployments.”
Early on, T-Mobile — which isn’t jumping on the open RAN train — was identified as one of the telecom companies targeted in the Salt Typhoon attacks. It has a history of being the target of data hacks. But in a blog last month, T-Mobile Chief Security Officer Jeff Simon said attempts to infiltrate its systems originated from a wireline provider’s network that was connected to T-Mobile and it “quickly severed” connectivity to that provider’s network. T-Mobile didn't identify the wireline network.
T-Mobile’s name didn’t specifically come up during Wednesday’s hearing, except at the very end, when Luján said he wanted to submit a few items into the record, including Simon’s blog post.
Incoming FCC's plan
Of course, everyone wants to know what the next Trump administration is going to do when it comes to cybersecurity. Sen. Ted Cruz (R-Texas) criticized outgoing Democratic FCC Chairwoman Jessica Rosenworcel for a “Band-Aid at best” approach to Salt Typhoon, which included a declaratory ruling and proposed rulemaking that requires telecom service providers make an annual certification of their cybersecurity management programs.
Asked about Salt Typhoon during a press conference after Wednesday’s December open meeting, Republican FCC Commissioner Brendan Carr, who President-elect Donald Trump has picked to be the next FCC chair, said that going forward, one of the things that needs to happen is collaboration and coordination between federal agencies.
“The fact of the matter is we have to get the horses back in the barn,” he said. "Job one is for the FCC to continue to be at the table, closely coordinate with all of these cyber-related agencies, focused very narrowly on getting this thing under control, getting it solved.”
The other thing he said needs to happen is federal government officials need to feed information directly to the C-suites and cyber experts at the targeted telecom companies, identifying vulnerabilities in real time and providing solutions and remedies.
That was one recommendation that came out of the Senate hearing as well: provide operators with a "paint-by-numbers" approach. "Don't just assume general guidance is going to be good enough," Donovan concluded.
Got something to tell us? Write to us at [email protected].