Telecom firms form new cyber information-sharing group

Jorg Greuel/Getty Images

Featured eBooks
Health Tech
Read Now

CDM

Read Now

Future-Ready Workforce

Read Now
Insights & Reports
The Cloud Isn't Enough: Why Federal AI Demands Its Own Factory
Presented By Sterling
Download Now
Google Pixel and T-Mobile for Government
Presented By T-Mobile
Download Now
David DiMolfetta By David DiMolfetta,
Cybersecurity Reporter, Nextgov/FCW

By David DiMolfetta

|

AT&T, Verizon, Comcast and others are among members of the C2 ISAC that aims to boost cybersecurity of the telecommunications sector, a prime target for foreign hackers.

Several of the telecommunications industry’s largest companies formed a new cybersecurity-focused information-sharing group, roughly two years after a sweeping Chinese hacking campaign compromised several major carriers and providers worldwide.

AT&T, Charter, Comcast, Cox, Lumen Technologies, T-Mobile, Verizon and Zayo have formed the Communications Cybersecurity Information Sharing and Analysis Center, or C2 ISAC, which was announced Tuesday. 

Rich Baich, chief information security officer for AT&T, is serving as the inaugural chair of the C2 ISAC’s board. Valerie Moon, a former Cybersecurity and Infrastructure Security Agency and FBI official who currently works as the executive director for the Institute for Critical Infrastructure Technology, will serve as the group’s executive director.

“The U.S. telecommunications sector recognizes the urgent need for robust, unified defenses in the face of persistent threats to networks and consumers,” a group statement reads. “The founding members formed C2 ISAC because no single company has full visibility into every threat or can address every risk alone. By sharing resources, expertise, and real-time intelligence, C2 ISAC helps members anticipate, identify and respond to cyber threats more quickly and effectively.”

In 2024, investigators uncovered a sweeping Chinese hack tied to a group known as Salt Typhoon that compromised telecom providers in the U.S. and abroad — including multiple firms now belonging to C2 ISAC — and breached U.S. lawful intercept systems used for court-ordered surveillance.

The Salt Typhoon intrusions have been underway since at least 2019, according to the FBI, and there is no clear public indication that the hackers have been fully excised from communications networks.

A suspected China-linked breach of an FBI surveillance system discovered earlier this year likely revealed phone numbers of targets being monitored by the bureau.

Communications networks are highly favored targets for hackers because penetrating them can enable access to customer data, call records and sensitive communications. 

The formation of an independent ISAC is a notable step for the telecom industry. A separate but related information-sharing group focused on communications security was established in the 1980s and is run within CISA, an agency that has faced significant workforce reductions over the last year. 

Federal agencies are searching for Chinese-linked telecom and surveillance equipment that officials warn could enable covert hacking and spying. The departments of Defense and Energy found a small number of vulnerable devices and are working to address the risks, according to a GAO report issued Tuesday.

NEXT STORY: Microsoft disrupts cybercrime service offering malware disguised as legitimate software