Trump cuts DHS board probing Chinese attacks

- The Latest
  Regular reporting on government secrecy, surveillance, and the rights of reporters and whistleblowers.
  - The Classifieds
  - News Releases
- Technology
  Working open source software products to protect journalists, newsrooms, and their sources.
  - SecureDrop
  - Dangerzone
- U.S. Press Freedom Tracker
  A database of press freedom incidents in the United States.
  - Data Visualizations
  - Explore the Database
- Digital Security Education
  Digital security trainings and resources for journalists.
  - Request a Training
  - Guides & Resources
- About Us
  Protecting and defending press freedom when we need it the most.
- Our Team
  - Staff & Contributors
  - Board of Directors
- Transparency
  - Reports & Financials
  - Announcements
- Get in Touch
  - Jobs & Internships
  - Contact Us
Donate

Header image of a two-sided scale — Electronic Frontier Foundation (2.0)

It’s the digital security training team at Freedom of the Press Foundation (FPF), with security news that keeps you, your sources, and your devices safe. If someone shared this newsletter with you, please subscribe here.

Trump hobbles DHS cybersecurity board

Within the first week of his second term, President Donald Trump said, “You’re fired!” to advisory committee members within the Department of Homeland Security. This includes its Cyber Safety Review Board, which is tasked with investigating state-sponsored cyberattacks against the United States. The CSRB was investigating Salt Typhoon, a Chinese state-sponsored hacking group tied to the breach of several U.S. telecommunication networks, as well as networks around the world, allowing the attackers to access targeted text messages, phone calls, and voicemails.

What you can do

It’s too soon to say what this will mean for the DHS’s long-term capacity to investigate state-sponsored attacks on our telecom infrastructure. Our advice remains the same: Standard phone calls and text messages are not secure. To lower risk to colleagues and sources, we recommend end-to-end encrypted communication software whenever possible. Read our guides to learn more.
If you’re a nerd interested in learning more about why phone infrastructure is very broken and have half an hour, one of my favorite channels on YouTube, Veritasium, put together a great explainer. The short version is that Signalling System 7, the decades-old plumbing that directs our phone calls and text messages to their destinations, can be fooled into sending a target’s messages to an attacker in specific circumstances. Bonus: You’ll get to watch security researchers hijack a prominent YouTuber’s text messages.

Updates from our team

My colleague Davis Erin Anderson wrote a new advice column that explains how to tell if there is malware on your device — and it’s trickier than it sounds. Check it out.

Our team is always ready to assist journalists with digital security concerns. Reach out here, and stay safe and secure out there.

Best,
Martin

–

Martin Shelton
Deputy Director of Digital Security
Freedom of the Press Foundation

Trump hobbles DHS cybersecurity board

Get Notified. Take Action

What you can do

Updates from our team

Get Notified. Take Action