Last year, nearly a dozen major U.S. Internet Service Providers (ISPs) fell victim to a significant breach orchestrated by Chinese hackers. This unprecedented intrusion, now known as the “Salt Typhoon” hack, gave these cyber intruders unfettered access to sensitive U.S. network systems for more than a year, allowing them to spy on public officials with alarming ease. Disturbingly, many of the vulnerabilities exploited in this attack stemmed from basic security oversights—such as telecom administrators neglecting to change default passwords on crucial hardware.

Despite the severity of the breach and the potential ramifications for national security, major players in the industry like AT&T and Verizon chose not to notify their customers. This silence reflects an unsettling trend towards complacency, aggravated by a climate of deregulation and insufficient oversight of telecom monopolies.

In the last days of the Biden administration, the Federal Communications Commission (FCC) took steps to implement basic cybersecurity safeguards that would require telecom operators to improve network security and inform consumers of breaches. However, with the arrival of the Trump-appointed FCC under Brendan Carr, these modest regulatory advancements are set to be rolled back in a move that many view as a capitulation to corporate lobbyists from the likes of AT&T and Comcast.

In a callous reassessment cloaked in the guise of industry agility, Carr claims that ISPs have made significant strides in strengthening their cybersecurity defenses. He dismisses the Biden-era rules—which were merely the low bar for corporate conduct—as excessive, stating that they exceeded the agency’s authority. This rhetoric not only minimizes the gravity of the cybersecurity landscape but also strips away essential protections that impact millions of consumers.

One must ask: what kind of “agility” allows for the reversing of the very measures intended to keep our telecommunications secure? This situation raises ethical questions about Carr’s motivations, suggesting a troubling intersection of public service and corporate interests. It is essential to recognize that such regulatory rollbacks may pave the way for a more dangerous cyber environment, less focused on consumer welfare and more on appeasing corporate giants.

Moreover, while Carr has publicly lambasted platforms like TikTok as potential cybersecurity threats, his actions reveal a paradoxical stance. Much of the regulatory attention has shifted away from domestic cybersecurity issues toward manufactured fears around specific foreign entities. This deflection serves to obfuscate the fact that many cybersecurity vulnerabilities lay at home, deeply rooted in lax corporate oversight.

The Trump administration’s broader approach to cybersecurity has been equally troubling. Not only have governmental cybersecurity initiatives been undermined—including the dismantling of critical oversight bodies—but there is a palpable reluctance to engage with meaningful incident investigations like that of the Salt Typhoon hack. In the absence of action, we risk leaving the gates of our digital infrastructure—one more penetrable to foreign adversaries—wide open.