This is your Digital Dragon Watch: Weekly China Cyber Alert podcast.
This is Ting, your cybertastic scout reporting in for Digital Dragon Watch—and wow, the last seven days have been a buffet of cyber drama starring China, its hacking hit squads, and the US defense crowd scrambling for moves. Junk the slow intro, let’s get to the good parts:
Leading this week’s cyber parade is Salt Typhoon—Microsoft’s favorite nickname for this particularly gutsy, state-backed group out of China’s Ministry of State Security. The FBI said just last month that Salt Typhoon has hacked over 200 companies across 80 countries, from US telecoms to hotels to a Canadian telecom, and most recently struck Viasat, deploying kernel-mode Windows rootkits like Demodex. That’s not just data exfiltration, that’s full-on espionage with anti-forensic and anti-analysis techniques that’d make a Hollywood A-lister jealous. Former NSA analyst Terry Dunlap calls them a “component of China’s 100-Year Strategy.” If that doesn’t sound ominous, I don’t know what does.
And if you thought Salt Typhoon was a one-man band, cue the Google Threat Intelligence team’s latest blog about UNC6384—aka Mustang Panda, aka TEMP.Hex—hijacking web traffic and deploying heavily obfuscated malware like SOGU.SEC against Southeast Asian diplomats. These actors aren’t just lurking at the cyber fringes; they’re right up in the government and telecom sectors where the data glitters most.
The US government is not treating this as snooze-worthy. The Cybersecurity and Infrastructure Security Agency (CISA) has been alerting critical infrastructure orgs after Microsoft revealed Chinese state actors exploiting SharePoint vulnerabilities. And it’s not just CISA in the alarm club—this week a coalition including the Five Eyes, plus Germany, Italy, Japan, and more, publicly called out three Chinese firms (Sichuan Juxinhe, Beijing Huanyu Tianqiong, Sichuan Zhixin Ruijie) for hands-on collaboration with the PLA and the Ministry of State Security. The US Treasury even slapped sanctions on Juxinhe for its ties to Salt Typhoon and snacking on Americans’ call records.
For sector targeting, you’re seeing everything from telecom to the trade game. The Wall Street Journal dropped news about a phishing campaign using bogus emails from Rep. John Moolenaar loaded with APT41-crafted malware, all designed to scoop insights into US-China trade talks. FBI and Capitol Police are on the hunt, no stone unturned.
Across the pond, the Czech Republic’s National Cyber and Information Security Agency just dialed up its “China risk” rating to high, warning critical infrastructure folks to avoid Chinese devices and cloud services—think IP cameras, EVs, even medical gear. They’ve confirmed direct APT31 action against the Ministry of Foreign Affairs. If you’re Euro-based and running Chinese tech anywhere near sensitive data, time to rethink your product choices ASAP.
Expert consensus? The recommendation list is packed: implement zero-trust security architectures, especially if you operate in energy, healthcare, government, or finance. Stay frosty for code injection attacks, use AI-driven threat detection, and never, ever ignore those boring-looking policy advisories. As the Picus Blue Report notes, password cracking exposure doubled this year—46% of environments weren’t ready.
The bottom line: Chinese cyber teams are well-funded, well-organized, and in hybrid mode, using every tool, channel, and disguise in the book. If you’re plugged in, stay patched, analyze your supply chain, and don’t leave your defenses in “maintenance mode.”
Thanks for tuning in, friends—from trade talks to telecom trenches, I’m Ting, and this was Digital Dragon Watch. Subscribe to stay sharp on the digital frontier. This has been a Quiet Please production; for more, check out quietplease.ai.
This content was created in partnership with, and with the help of, artificial intelligence (AI).