US proposes to boost internet security, citing Chinese carrier action

Signage is seen at the headquarters of the Federal Communications Commission in Washington, D.C.

By David Shepardson

WASHINGTON (Reuters) -The Federal Communications Commission on Thursday voted to advance a proposal to boost the security of information transmitted across the internet after government agencies said a Chinese carrier had misrouted traffic.

The U.S. telecommunications regulator since 2022 has been studying vulnerabilities that it says threaten the security and integrity of the Border Gateway Protocol, central to the internet’s global information routing system. The proposal would require broadband providers to create BGP security plans and file reports on risk-mitigation progress.

FCC Chair Jessica Rosenworcel said on Thursday that U.S. agencies had recently publicly disclosed that China Telecom used BGP vulnerabilities "to misroute United States internet traffic on at least six occasions."

She added, "These 'BGP hijacks' can expose personal information, enable theft, extortion, and state-level espionage."

This is the latest action by Washington to restrict Chinese telecom carriers including on undersea cables handling internet traffic and on U.S. operations.

China Telecom did not immediately respond to a request for comment.

The internet consists of tens of thousands of interconnected networks and BGP is used to exchange information to route traffic.

But the FCC noted the design of BGP "did not include security features to ensure trust in the information that is relied upon to route Internet traffic."

In April, the FCC said it was ordering the U.S. units of China Telecom, China Unicom, China Mobile and Chinese telecommunications company Pacific Networks and its wholly owned subsidiary ComNet to discontinue fixed or mobile broadband internet operations in the United States.

China Telecom told Reuters earlier it does not provide broadband internet access services as defined by the FCC order.

The commission previously had barred the Chinese companies from providing telecommunications services. Rosenworcel said earlier the commission had evidence that Chinese telecom carriers were providing broadband services in the United States.

The FCC had cited national security concerns in revoking or denying Chinese companies the right to provide U.S. telecommunications services.

The FCC previously barred approvals of new telecommunications equipment from China's Huawei Technologies and ZTE and other companies, saying they pose "an unacceptable risk" to U.S. national security.

(Reporting by David Shepardson in WashingtonEditing by Matthew Lewis)