Dragon's Code: America Under Cyber Siege

Busted! Chinese Hacker Mastermind Xu Zewei Nabbed in Milan Takedown

This is your Dragon's Code: America Under Cyber Siege podcast.

Listeners, Ting here, and let me tell you, if you thought last week’s cyber news cycle was hot, this week turned into a digital dragon dance across America’s critical networks. It’s Dragon’s Code: America Under Cyber Siege, and the main character is Xu Zewei, a 33-year-old Chinese national accused of masterminding some of the most sophisticated cyber intrusions the US has seen—right from his former desk at Shanghai Powerock Network Co. Ltd.

This isn’t just keyboard cowboying. Xu, allegedly working at the behest of China’s Ministry of State Security, spearheaded operations involving advanced persistent threat group Silk Typhoon—formerly known as Hafnium. You may remember Silk Typhoon for their notorious mass exploitation of Microsoft Exchange Server vulnerabilities, kicking off in late 2020. With those zero-days, they didn’t just knock on the door; they ripped it off the hinges. The US Department of Justice says the campaign compromised over 60,000 organizations, including research universities and law firms, using web shells for covert, long-term access. Xu and his co-conspirators targeted COVID-19 research at American universities—including the University of Texas—by specifically hacking the email accounts of virologists and immunologists, then reporting their loot back to the Shanghai State Security Bureau.

Nicholas Ganjei, U.S. Attorney for the Southern District of Texas, called Xu’s arrest in Milan a key moment, but as John Hultquist at Google’s Threat Intelligence Group put it, nabbing one hacker—no matter how skilled—isn’t going to stop Silk Typhoon. This group is large, agile, and government-backed; their campaigns use zero-day exploits and credential harvesting as standard operating procedure, targeting everything from critical infrastructure to legal and healthcare sectors.

Attribution in these ops? Investigators managed to get hold of Xu’s own messages with his superiors, which is the kind of evidence cyber sleuths dream about. But let’s talk defense: US agencies—along with tech giants like Microsoft—rushed to patch vulnerabilities and deploy rapid incident response, while the FBI and DOJ coordinated internationally to make arrests. But the bad news? These ops are run like startups—Silk Typhoon has multiple teams and tons of resources. Their playbook includes outsourcing attacks to private Chinese firms, muddying the attribution waters and making them hard to root out entirely.

Experts, like Annie Fixler at the Foundation for Defense of Democracies, warn that America’s best weapon is cooperation—and it’s at risk. The Cybersecurity Information Sharing Act, which allows the private sector and government to swap threat intelligence without legal blowback, faces sunset unless Congress acts fast. Without it, sharing knowledge about fresh threats like Silk Typhoon becomes legally dicey—and no one wants that.

The main lesson this week? Sophisticated attackers will keep coming, but collaboration—across companies, industries, and governments—is the only way we stay one step ahead. And maybe, just maybe, the arrest of Xu Zewei will make the next young hacker in Shanghai think twice before firing up Metasploit.

Thanks for tuning in to Dragon’s Code. Don’t forget to subscribe—and remember, this has been a Quiet Please production; for more, check out quietplease.ai.

For more http://www.quietplease.ai

Dragon's Code: America Under Cyber Siege, by Quiet. Please