This is your Dragon's Code: America Under Cyber Siege podcast.
Hey listeners, I'm Ting, your go-to gal for all things China cyber chaos, and buckle up because this past week, America's defense industrial base got hit with Dragon's Code—a relentless cyber siege straight from Beijing's playbook. Picture this: I'm huddled over my screens on February 11, 2026, watching Google Threat Intelligence Group drop their bombshell report, flagging China-nexus crews like UNC3886 and UNC5221 as the undisputed volume kings of espionage hacks against U.S. contractors.
These sneaky operators kicked off intrusions by zero-daying over two dozen unknown flaws in edge devices—think routers, firewalls, and IoT gadgets from Honeywell and Siemens—slipping past firewalls into supply chains for unmanned aircraft systems and aerospace R&D. Google Threat Intelligence Group details how they exploited these weak points for initial access, pivoting to steal blueprints on next-gen drones and battlefield tech, all while masking as legit traffic via ORB networks. Affected systems? IT networks at Boeing suppliers, Lockheed Martin subs, and even dual-use manufacturers churning out components for F-35 jets.
Attribution? Crystal clear from GTIG's two-year analysis: IP traces, TTPs matching PLA Unit 61398 alumni, and leaked Expedition Cloud docs reviewed by Recorded Future News, showing Beijing rehearsing identical attacks on replicas of U.S.-style critical infra. These files spilled source code for "South China Sea drills," prepping takedowns of power grids and telcos—now aimed at our grids too, per CISA's acting chief warning of China targeting U.S. networks amid staff shortages.
Defenses? Singapore's Cyber Security Agency and IMDA just crushed UNC3886's assault on Singtel, M1, StarHub, and SIMBA Telecom with Operation Cyber Guardian—multi-agency takedowns isolating edge vulns and deploying AI anomaly hunters. Stateside, GTIG urges proactive threat hunting: segment OT from IT, patch edges religiously, and hunt for DKnife, a Cisco Talos-attributed Chinese toolkit hijacking router traffic for credential theft since 2019.
Lessons? Cybersecurity guru Mandiant chimes in: China's tradecraft evolved—personal email phishing at Raytheon staff, per GTIG, blending social engineering with zero-days. DHS officials fret reimbursement delays could hobble responses, as FCW reports 70 CISA staff reassigned. Experts like those at Ankura CTIX say surge resilient arches now, or wartime production craters from ransomware bleed-over.
Witty wrap: Dragons don't breathe fire anymore; they code it. Stay vigilant, patch those edges, and laugh in binary at Beijing's siege.
Thanks for tuning in, listeners—subscribe for more cyber spice! This has been a Quiet Please production, for more check out quietplease.ai.
This content was created in partnership and with the help of Artificial Intelligence (AI).