C&T Subcommittee Hearing: Securing the Future of Telecommunications Infrastructure

House Subcommittee on Communications and Technology

2025-04-30

Loading video...

Summary

This subcommittee hearing focused on the critical importance of securing global communications infrastructure against a backdrop of increasing threats from foreign adversaries and evolving technologies, emphasizing the pervasive impact of these networks on national defense, economic stability, and daily life. Participants discussed various vulnerabilities, the need for robust security measures, and the roles of government and industry in protecting essential services and data from malicious actors[ 00:14:34-00:16:09 ]

[ 00:27:41-00:27:55 ] .

Themes

Threats to Communications Infrastructure

The security of communication networks is under severe threat, particularly from state-sponsored actors like China, Russia, North Korea, and Iran[ 00:16:09-00:16:34 ]

[ 00:43:31 ] . The "Salt Typhoon" operation, attributed to Chinese-backed hackers, infiltrated U.S. telecommunications networks, impacting at least nine providers and enabling the geolocation of millions and recording of calls from senior U.S. officials[ 00:16:39 ] . Beyond cyberattacks, physical disruptions, such as attacks on undersea cables, also pose a significant risk, capable of interrupting international data flows and causing widespread service degradation[ 00:17:16 ] [ 00:17:44 ] . These threats aim to steal sensitive data, commit fraud, establish surveillance footholds, and potentially disrupt critical services like financial systems and energy infrastructure.

Role of Satellite Technology

Satellite technology is increasingly vital, providing broadband, mission-critical services, and positioning, navigation, and timing data to various sectors, including the federal government. The industry is experiencing rapid innovation, with thousands of satellites in orbit supporting critical infrastructures like emergency services and national security. Satellites offer unique resilience benefits, such as resistance to terrestrial disasters and the ability to provide multi-orbit services for enhanced reliability. They also offer a crucial redundancy option for subsea cable failures, though they cannot fully replace the bandwidth capacity of fiber optics[ 02:14:31 ]

[ 01:25:51 ] .

Supply Chain Security and Domestic Manufacturing

Securing the communications infrastructure requires addressing supply chain vulnerabilities, particularly the reliance on foreign equipment and components[ 00:55:27 ]

. Initiatives like the Secure and Trusted Communications Network Reimbursement Program ("Rip and Replace") are crucial for removing insecure Chinese equipment from U.S. networks[ 00:18:05 ] . There is a recognized need to reshore critical manufacturing, especially for semiconductors, and build a domestic ecosystem for ICT components to reduce dependence on adversaries[ 00:55:29 ] . Standards like SCS 9001 are being developed to ensure products and services originate from trusted suppliers and incorporate security by design[ 01:00:23 ] .

Government's Role and Interagency Coordination

Effective cybersecurity requires strong collaboration between the government and the private sector, as private companies cannot defend against nation-state attacks alone[ 01:12:14 ]

. Concerns were raised about the lack of clarity regarding agency jurisdiction (CISA, DOD, FCC) over critical infrastructure security, which can impede threat responses[ 01:13:48 ] [ 01:15:33 ] . The importance of information sharing, streamlining regulatory processes, and providing liability protections for industry to share threat intelligence with the government was emphasized. The disbandment of the Cyber Safety Review Board and the federal cyber workforce cuts were highlighted as weakening national security and hampering the ability to learn from major incidents like Salt Typhoon[ 01:22:58 ] .

Emerging Technologies (AI, IoT) and Cybersecurity

New technologies like Artificial Intelligence (AI) and the Internet of Things (IoT) present both opportunities and threats to network security[ 00:14:53 ]

[ 00:51:52 ] . AI can be leveraged for vulnerability testing, anomaly detection, and real-time threat response in areas like satellite communications. However, AI also enhances adversaries' capabilities to process vast amounts of data, extract insights, and bypass cyber defenses, enabling even less sophisticated actors[ 02:33:37 ] . The proliferation of interconnected smart devices (IoT) in homes and critical sectors like the automotive industry creates new entry points for cyberattacks, underscoring the need for "security by design" and consumer awareness programs like the U.S. Cyber Trust Mark[ 00:58:46 ] [ 00:59:04 ] .

Undersea Cables

Undersea cables, carrying over 99% of internet traffic and trillions in financial transactions, are critical but vulnerable to both accidental damage and intentional sabotage by nefarious actors[ 00:17:16 ]

[ 00:17:34 ] . Increased redundancy through more cables and landing points is essential to prevent single points of failure. Challenges include lengthy permitting processes (sometimes taking hundreds of days), a shortage of repair ships, and the need for faster repair capabilities[ 01:25:16 ] . Streamlining permitting, possibly by designating a lead agency like NTIA and implementing a "trusted partner framework," could expedite deployment[ 01:57:47 ] [ 01:58:12 ] .

Tone of the Meeting

The meeting conveyed a tone of significant concern and urgency regarding the escalating threats to communications infrastructure[ 00:14:44 ]

[ 00:27:30 ] . While there was an overarching sense of the need for bipartisan cooperation to address national security challenges[ 01:52:12 ] , there was also sharp criticism directed at the current administration for perceived security failures, mismanagement, and actions that undermine cybersecurity efforts, such as workforce cuts and the misuse of unsecured communication channels by officials[ 00:28:09 ] . Speakers emphasized the critical importance of these networks and the potential for devastating consequences if vulnerabilities are not proactively addressed[ 00:15:45 ] .