Wyden to block CISA nominee over telecom security ‘cover up’

Sen. Ron Wyden (D-Ore.) says CISA is withholding a crucial report on cyber gaps in U.S. communications networks, even after last year’s “Salt Typhoon” hacks.

Justin Doubleday@jdoubledayWFED

April 9, 2025 6:02 pm

3 min read

One senator plans to block the nominee to lead the Cybersecurity and Infrastructure Security Agency until CISA releases a report on U.S. telecommunications security.

Sen. Ron Wyden (D-Ore.) today announced his intent to object to considering Sean Plankey to serve as director of CISA. President Donald Trump nominated Plankey, a former Energy Department official, in March. The Senate Homeland Security and Governmental Affairs Committee has yet to hold Plankey’s nomination hearing.

Wyden said he’s holding Plankey’s nomination up over CISA’s refusal to release a 2022 report on “U.S. Telecommunications Insecurity.”

Wyden has been pressing CISA to release the report for several years. The agency commissioned the report amid warnings that U.S. telecommunications infrastructure has been susceptible to foreign surveillance because of known cybersecurity gaps in wireless networks.

While CISA allowed Wyden’s staff to read the report in person at the agency’s office, Wyden argued the report should be made public. He said the report isn’t classified and “contains important factual information that the public has a right to see.”

But Wyden said CISA has withheld disclosure of the report under a “deliberative process privilege” claim.

“CISA’s multi-year cover up of the phone companies’ negligent cybersecurity has real consequences,” Wyden said today in a statement for the record.

He pointed to the China-linked “Salt Typhoon” breaches of multiple U.S. telecommunications firms last year. The breach allowed Chinese spies to access the communications of multiple high-level U.S. officials, including then-Vice Presidential Candidate JD Vance.

“The federal government still does not require U.S. phone companies to meet minimum cybersecurity standards,” Wyden said. “While it is too late to prevent the Salt Typhoon hack, there is still time to prevent the next incident. As such, I intend to object to considering this nominee until CISA agrees to release this report, which will enable Congress and the public to better understand the current threats and the need for stronger cyber defenses.”

CISA did not immediately respond to a request for comment.

Trump orders review of Krebs, CISA

Meanwhile, President Donald Trump today ordered agencies to strip any security clearance still held by Chris Krebs, the founding director of CISA. Trump fired Krebs after the latter said the 2020 election was “the most secure in American history.”

Trump’s memo also “suspends any active security clearance held by individuals at entities associated with Krebs, including SentinelOne, pending a review of whether such clearances are consistent with the national interest.”

Trump’s action continues a pattern of going after his political enemies. But his order also implicates CISA’s broader activities.

The memo directs “a comprehensive evaluation of all of CISA’s activities over the last 6 years and will identify any instances where Krebs’ or CISA’s conduct appears to be contrary to the administration’s commitment to free speech and ending federal censorship, including whether Krebs’ conduct was contrary to suitability standards for federal employees or involved the unauthorized dissemination of classified information.”

The Trump administration has already targeted CISA’s election security work for cuts. The agency recently froze support for states on election security. And the cyber agency is reportedly facing broader cuts as part of federal downsizing efforts.