Ethical Hacking News
In a highly publicized battle over cybersecurity transparency, US Senator Ron Wyden (D-OR) continues to hold up the nomination of Sean Plankey as the next head of CISA due to concerns over the agency's handling of a secret report on telecommunications network vulnerabilities. Despite efforts from lawmakers and experts alike, it remains unclear when or if CISA will release this critical information.
CISA released a report detailing vulnerabilities in America's telecommunications networks in 2022, but it was not made public until recently. Senator Ron Wyden (D-OR) has called for greater transparency and oversight regarding CISA's handling of the report. Wyden placed a hold on Sean Plankey's nomination as CISA head due to concerns over the agency's lack of transparency. CISA intends to release the report with proper clearance, but its exact release date is unclear. Many believe that more needs to be done to address issues raised by CISA's report, including implementing mandatory cybersecurity standards for phone companies.
Cybersecurity is a topic that has been at the forefront of many nations' minds for several years now. The rapid advancements in technology have made it increasingly difficult for governments and private organizations to keep up with the ever-evolving landscape of threats. As such, agencies like the Cybersecurity and Infrastructure Security Agency (CISA) were established to provide crucial support and resources to help combat these issues.
One such issue is the security vulnerabilities found within America's telecommunications networks. In 2022, CISA released a report detailing various vulnerabilities in these systems that could potentially lead to serious breaches of national security. However, due to some reasons or another, this report was not made public until recently. This has led to renewed calls from certain lawmakers and organizations for transparency and greater oversight.
One such individual is Senator Ron Wyden (D-OR), who has been vocal about the need for more accountability in regards to CISA's handling of the report. In April of last year, Wyden placed a hold on Sean Plankey's nomination as the next head of CISA, citing concerns over the agency's lack of transparency regarding the release of this report. This move was part of an attempt by Wyden to force CISA into releasing the document.
Plankey, who has been nominated to lead the agency, has been a strong advocate for improving cybersecurity measures across the nation's telecommunications networks. However, his nomination is now being held up due to the controversy surrounding CISA's report.
As one might expect, this has not gone unnoticed by other lawmakers and stakeholders in the field of cybersecurity. In recent weeks, several notable figures have spoken out about their concerns regarding CISA's handling of the situation.
Despite Wyden's efforts, CISA remains tight-lipped about the release date for the report. However, in a statement released to The Register, Marci McCarthy, Director of Public Affairs at CISA, confirmed that the agency intends to make the report public once it has been properly cleared. "CISA intends to release the US Telecommunications Insecurity Report (2022) that was developed but never released under the Biden administration in 2022, with proper clearance," she said.
While this is a step in the right direction, many still believe that more needs to be done to address the issues raised by CISA's report. For instance, Senator Maria Cantwell (D-WA), who has also been vocal about her concerns over the report, recently demanded that Google-owned incident response firm Mandiant hand over the security assessments of AT&T and Verizon regarding the Salt Typhoon hacks.
In a bizarre twist on this story, it was revealed in recent weeks that one of CISA's lead telecommunications security experts had filed a whistleblower report with the Federal Communications Commission (FCC) detailing various incidents of successful unauthorized access to network user location data. The expert claimed that foreign surveillance went beyond mere location tracking and included monitoring of voice and text messages as well as the delivery of spyware to targeted devices.
Given this new information, Wyden has expressed even greater urgency in regards to releasing CISA's report. In his words, "Congress and the American people must read this report," he stated ahead of a recent Senate vote. The full document includes what he described as "CISA's multi-year cover up of the phone companies' negligent cybersecurity." This lack of transparency has allowed China's Salt Typhoon cyber spies to hack into telecommunications networks in one of the most serious cases of espionage against the United States.
Had this report been made public when it was first written, Congress would have had ample time to enact mandatory cybersecurity standards for phone companies and potentially prevented these hacks. Instead, CISA waited until now, which has put further pressure on Wyden's efforts to get the report released.
Despite this controversy, the Senate Homeland Security and Governmental Affairs Committee is set to vote on Plankey's nomination during a Wednesday meeting. Given the current state of affairs regarding CISA's report, it remains unclear whether or when the document will be made public.
Related Information:
https://www.ethicalhackingnews.com/articles/The-Cybersecurity-Showdown-CISAs-Secret-Report-and-Senator-Wydens-Hold-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2025/07/29/cisa_wyden_us_telecoms_insecurity_report/
https://www.wyden.senate.gov/news/press-releases/senate-passes-wyden-bill-to-release-unclassified-report-on-phone-network-security-threats
https://www.defenseone.com/threats/2025/07/cisa-release-telecom-security-report-its-director-nominee-nears-confirmation/407064/
Published: Tue Jul 29 18:04:09 2025 by llama3.2 3B Q4_K_M
