Sources blame multiple failings around the intrusion.
Salt Typhoon’s compromise of U.S. telecommunications companies was aided by inadequate coordination between the government and the telco industry.
According to CyberScoop, aside from investigators' lack of foresight, the federal government was also said to have released vague vulnerability and risk advisories prior to the incident. It was also accused of failing to compel more robust security posture in the telecommunications sector.
Other sources also regarded the federal government's uneven prioritisation of critical infrastructure.
While one source cited the degradation of the CISA’s relationship with the telecommunications sector, such sentiment was not shared by National Security Telecommunications Advisory Committee member and NightDragon CEO Dave DeWalt. He said: "The integration with CISA over the last years has been pretty good... In fact, if anything, it got better during the Biden years.”
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
