Dragon's Code: America Under Cyber Siege

Breathless in Beijing: China's Cyber Dragons Scorch US Tech Secrets!


This is your Dragon's Code: America Under Cyber Siege podcast.
If you think the only dragons America should worry about are in fairy tales, buckle up, listeners—this week, Chinese cyber operatives have been breathing digital fire across our infrastructure, and the smoke hasn’t cleared yet. I’m Ting—China-watcher, cyber nerd, and apparently, your tour guide in this “Dragon’s Code: America Under Cyber Siege.”
Let’s get right to the heart of the action: The big baddie is TA415, also known to their close frenemies as APT41, Wicked Panda, and Brass Typhoon. Over just the past few days, they’ve thrown some of their most sophisticated phishing operations into the ring, targeting US think tanks, policy influencers, and semiconductor supply chains. Proofpoint’s top threat researchers flagged that these attacks weren’t just about stealing a few emails—they aimed directly at the critical arteries of our economic policy-making machine and trade negotiation apparatus.
Instead of serving up the usual malware salad, TA415 turned gourmet, employing Visual Studio Code Remote Tunnels—a technique that lets them burrow deep into networks via remote development tools, hiding amidst routine traffic. They camouflaged their operations by impersonating trusted figures like John Moolenaar, Chair of the Select Committee on Strategic Competition—the kind of name that would make any DC inbox click “open.” Phishing lures were delivered using links to password-protected archives on Zoho Drive, Dropbox, or OpenDrive, with the nastiness bundled up in shortcut files and sneaky PDFs. The endgame: persistence, stealth, and—worst of all—remote command, all without triggering the usual AV alarms.
And it’s not just policy wonks in the crosshairs. TA415 and crew have also smashed their way into organizations linked to telecom infrastructure. According to joint US and international cyber advisories, groups like Salt Typhoon exploited router vulnerabilities and peering connections across at least nine major US communications companies late last year. Their goal? Long-term espionage, tracking comms, and staying hidden until the right crisis flips their “on switch.”
Forensic analysis revealed the persistent use of public cloud services for command and control—a classic move to blend in, like a spy in a crowdsourced Where’s Waldo. Attribution is tight on this one: multiple sources link TA415’s operations to Chengdu 404, a private Chinese security contractor with ties to the Ministry of State Security.
US response? The Commerce Department just named and shamed a gaggle of Chinese tech, semiconductor, and biotech firms—many feeding the People’s Liberation Army’s ambitions—imposing new export controls to cut off their tech supply lines. Meanwhile, CISA, the FBI, and their 12-nation posse are laser-focused on threat hunting and incident response. Cybersecurity leaders are preaching whole-of-government cooperation and sharing indicators fast, since partial fixes just tell the dragons where
This content was created in partnership with, and with the help of, Artificial Intelligence (AI).

By Inception Point AI