CISA, NSA Urged to Conduct Annual Cybersecurity Audits of FirstNet
Sen. Ron Wyden, D-Ore., has requested that the Cybersecurity and Infrastructure Security Agency and National Security Agency conduct annual cybersecurity audits of the AT&T-operated FirstNet broadband communications platform used by first responders and the military.
In a letter to CISA and NSA, Wyden raised concerns about security flaws in mobile networks vulnerable to exploits and surveillance by hackers and foreign intelligence services, the senator’s office said Wednesday.
“These security flaws are also a national security issue, particularly if foreign governments can exploit these flaws to target U.S. government personnel,” the letter reads.
Wyden also revealed that an unnamed CISA cybersecurity expert informed his staff that the agency “had no confidence in the security of FirstNet” because AT&T is unwilling to share the results of security audits conducted against the government-only network.
“As the lead agencies responsible for the government’s cybersecurity, CISA and NSA need to have access to all relevant information regarding the cybersecurity of FirstNet and Congress needs this information to conduct oversight,” Wyden said.