theDocumentId => 741756 FCC Cites 'National Security' Concerns to Withhold ...

Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Network Security //

Data Center

3/27/2018
11:05 AM
Scott Ferguson
Scott Ferguson
News Analysis-Security Now
50%
50%

FCC Cites 'National Security' Concerns to Withhold Federal Contracts

FCC Chairman Ajit Pai is proposing new rules that will allow the commission to withhold federal contracts and other funds based on national security concerns. This is likely to involve several companies based in Russia and China.

The chairman of the Federal Communications Commission is proposing new rules that will allow the commission to block certain tech companies from receiving federal contracts and other funds if these suppliers are deemed a threat to national security.

The proposal, announced March 26, would apply to the FCC's $8.5 billion Universal Service Fund (USF), which helps provide telecommunications and other services to rural and low-income areas.

"Hidden 'back doors' to our networks in routers, switches -- and virtually any other type of telecommunications equipment -- can provide an avenue for hostile governments to inject viruses, launch denial-of-service attacks, steal data, and more," FCC Chairman Ajit Pai wrote in a statement released Monday.

(Source: Flickr)
(Source: Flickr)

Although the proposal did not specify which companies the proposed rule changes are targeting, Light Reading Mobile Editor Dan Jones reports that China's Huawei Technologies and ZTE, along with Russia's Kasperksy Labs, are likely to come under additional scrutiny.

The FBI and CIA have previously sent warnings about Huawei and ZTE. (See Unknown Document 739679.)


The fundamentals of network security are being redefined -- don't get left in the dark by a DDoS attack! Join us in Austin from May 14-16 at the fifth annual Big Communications Event. There's still time to register and communications service providers get in free!

Kasperksy has also come under scrutiny for its ties to the Russian government, but company spokespeople have denied any connection.

The FCC will hold a vote on new rules on April 17.

For more details, read the full story on Security Now's parent site, Light Reading .

Related posts:

— Scott Ferguson, is the managing editor of Light Reading and the editor of Security Now. Follow him on Twitter @sferguson_LR.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-18428
PUBLISHED: 2021-07-26
tinyexr commit 0.9.5 was discovered to contain an array index error in the tinyexr::SaveEXR component, which can lead to a denial of service (DOS).
CVE-2020-18430
PUBLISHED: 2021-07-26
tinyexr 0.9.5 was discovered to contain an array index error in the tinyexr::DecodeEXRImage component, which can lead to a denial of service (DOS).
CVE-2021-37576
PUBLISHED: 2021-07-26
arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.
CVE-2021-37555
PUBLISHED: 2021-07-26
TX9 Automatic Food Dispenser v3.2.57 devices allow access to a shell as root/superuser, a related issue to CVE-2019-16734. To connect, the telnet service is used on port 23 with the default password of 059AnkJ for the root account. The user can then download the filesystem through preinstalled BusyB...
CVE-2020-23240
PUBLISHED: 2021-07-26
Cross Site Scripting (XSS) vulnerablity in CMS Made Simple 2.2.14 via the Logic field in the Content Manager feature.