This is your Cyber Sentinel: Beijing Watch podcast.
Welcome back to Cyber Sentinel: Beijing Watch. I’m Ting – your favorite byte-sized guide to China’s cyber arsenal. Forget the firewall, it’s time to break down the latest moves by the Middle Kingdom in cyberspace. Ready for a rapid download? Let’s get into the code.
First, APTs in the wild – specifically, APT41 and APT31. Just yesterday, the Google Threat Intelligence Group flagged Chinese hackers leveraging Google Calendar as a command-and-control (C2) channel. That’s right: while you’re planning your dentist appointment, APT41 was scheduling payload drops to compromise government networks. This creative use of a ubiquitous cloud tool makes detection trickier and illustrates China’s penchant for blending routine digital life with covert ops. Google’s countermeasures are now in play, but the cat-and-mouse continues.
Meanwhile, Czech authorities just fingered APT31 for a 2022 hack into their Foreign Affairs Ministry. Not only is this a breach of the U.N.’s cyber norms, but it’s also a wake-up call: Beijing’s state-backed teams are still actively probing diplomatic targets for geopolitical advantage.
Zooming out, let’s talk tactics. Chinese cyber actors are escalating use of “living off the land” approaches – abusing legitimate software and third-party infrastructure to avoid easy detection. That Google Calendar trick? Just one flavor. Another recent scare: authorities uncovered rogue communication modules inside Chinese-made solar power inverters, reportedly capable of bypassing network firewalls. This could open backdoors into U.S. energy infrastructure and enable stealthy disruptions, underscoring the cyber-physical risk at play.
Targeted sectors this week are textbook: critical infrastructure (hello, Salt Typhoon and Volt Typhoon), government, and supply chain operators. The U.S. Department of Homeland Security, in a heated budget review with Secretary Kristi Noem, warned about “the most sophisticated and sustained hacking operations we have ever seen,” including intrusions that still haunt our collective memory—remember the Colonial Pipeline shutdown?
Attribution’s getting clearer, too. Experts like Mark Green and Tom Kellermann are openly naming Chinese government-backed groups, and the evidence—ranging from TTPs to C2 infrastructure and circumstantial behavior—keeps stacking up. Observers note a correlation between spikes in cyber activity and U.S.-China trade tension, especially as tariff negotiations ramp up. Cyber is the new frontline, replacing old-school trade war tactics.
Internationally, there’s louder diplomatic pushback. The Czech Republic and EU states are denouncing Chinese intrusions, while the U.S. pivots to address half a million unfilled cyber jobs—a glaring vulnerability.
So, what’s the updated cyber hygiene prescription? For defenders: assume breach, tighten identity and access management, watch for abuse of cloud services, and drill your supply chain for hidden hardware risks. Strategically, it’s time to close the cyber talent gap and invest in persistent threat hunting—because in this game, China isn’t waiting for your next meeting invite.
Stay frosty out there. This is Ting, signing off—see you at the digital frontier.
For more http://www.quietplease.ai