The FCC has reversed a ruling from January 2025 that mandated stricter cybersecurity measures for US telecom providers, a decision that security leaders describe as alarmingly incompetent. This rollback comes in the wake of the Salt Typhoon attacks, one of the largest breaches in telecom history, which compromised major companies like AT&T and Verizon. Hackers accessed essential systems, potentially intercepting sensitive information related to high-ranking US officials. The January ruling required telecoms to create and certify cybersecurity risk management plans, aiming to protect against unlawful access and interception. FCC officials claim the reversal stems from their assessment that the original ruling misinterpreted the Communications Assistance for Law Enforcement Act (CALEA). They argue that telecom providers have improved their cybersecurity posture and have committed to coordinated efforts to enhance network protection. However, critics, including FCC Commissioner Anna M. Gomez, contend that this decision leaves American infrastructure more vulnerable at a time when threats from attackers, particularly those linked to the Chinese government, are rising. Gomez emphasized that the January ruling was the only significant federal action in response to Salt Typhoon, and without stronger controls, future attacks are likely. Senator Maria Cantwell also condemned the rollback, linking it to lobbying efforts from the very telecom companies affected by Salt Typhoon. She has demanded accountability from these companies regarding their network security. David Shipley, CEO of Beauceron Security, criticized the FCC's decision, calling it a dumb idea that undermines national security. The situation highlights a growing tension between regulatory actions and the telecom industry's pushback, raising concerns about the adequacy of protections against cyber threats.