This is your Dragon's Code: America Under Cyber Siege podcast.
Hey listeners, it’s Ting here, your go-to for all things China, cyber, and hacking. Forget movie villains—real digital dragons are prowling America’s critical infrastructure, and this past week was a masterclass in cyber subterfuge, starring Beijing’s finest. Buckle up, because this is the frontline of Dragon’s Code: America Under Cyber Siege.
Let’s jump in fast—Google’s Threat Intelligence and Mandiant put a giant red pin on “BRICKSTORM,” a new, stealthy campaign tied to infamous Chinese group UNC5221. Their backdoor malware is hitting legal firms, SaaS providers, and tech companies. Why is everyone panicking? Because, as Google’s team points out, BRICKSTORM isn’t about smash and grab. This is the art of stealth—attackers worm in, plant long-term backdoors, and keep quiet for over 400 days on average. It’s less Ocean’s Eleven, more ninja monastery. The main methodology: zero-day exploitation of network appliances, living off the land, and credential abuse by masquerading as real employees. Their code is clean, their log-hiding superb, making digital forensics a nightmare.
Don’t think this is just about tech firms—America’s skeleton, the power grid, water treatment plants, even telecom networks have been targets. Volt Typhoon, another PLA-linked team, especially loves critical infrastructure. A former NSA chief, Tim Haugh—now basically the Nick Fury of cyber—reports these Chinese operatives are in systems “just laying dormant,” not pillaging data, but ready to flip the switch if conflict erupts. We’re talking potential chaos: pipelines, hospitals, and 9-1-1 comms, all on the edge of remote sabotage.
Attribution? Experts like those at Google and the DOJ say trace signatures and infrastructure point squarely to the Chinese People’s Liberation Army and Ministry of State Security. Earlier this year, the DOJ indicted 12 Chinese nationals, two with official government rank, tying them to espionage against over 100 U.S. entities—defense, Treasury, healthcare, and more. The scale is chilling: the PLA counts around 60,000 cyber personnel, most focused on offense, compared to about 6,000 at U.S. Cyber Command.
On the defense, the White House and CISA launched coordinated mitigation efforts: isolating infected networks, patching vulnerabilities, deploying endpoint detection, and ramping up intel sharing between government and affected firms. But as Nick Lawler, a power utility manager who had to rebuild his entire network, put it, “It’s way harder to kick them out than to keep them out.” The key lesson: basics matter—strong authentication, network segmentation, regular threat hunting. And, as security guru Jake Williams reminds us, “The real battle is information sharing. Until companies own up and work together, we’re fighting blind.”
If you think these digital dragon attacks are about business secrets, think bigger. Xi Jinping’s vision of cyber superpower status means destabilizing rivals during any crisis. Every hidden backdoor is a loaded gun pointed at America’s core systems. The future? Experts like Tim Haugh urge relentless vigilance and honest collaboration—not just government squabbling, but a whole-of-society shield. This is a wake-up call—sleep on it, and we all might get burned.
That’s all for today on Dragon’s Code. Thanks for tuning in—don’t forget to subscribe. This has been a Quiet Please production; for more, check out quiet please dot ai.
This content was created in partnership with, and with the help of, Artificial Intelligence (AI).