This is your Dragon's Code: America Under Cyber Siege podcast.
Alright listeners, I'm Ting, and let me tell you, the past few days have been absolutely wild in the cyber world. We're talking about Chinese state-sponsored hackers running what might be the most audacious surveillance operation in modern history, and frankly, it's way more terrifying than any spy thriller you could stream.
Let's jump straight into it. Salt Typhoon, a Chinese state-sponsored hacking group, maintained persistent access to U.S. telecommunications infrastructure for five years, from 2019 to 2024, and here's the kicker: they basically had free rein to access everything. I'm talking phone calls, text messages, movement data on virtually every American. Former FBI cyber official Cynthia Kaiser said she can't imagine any American who wasn't impacted. That's not hyperbole, that's her actual assessment.
The sophistication here is mind-bending. Check Point's chief information security officer Pete Nicoletti explained they established a foothold and exfiltrated data for five years, which he called almost unprecedented in cyber espionage. They weren't just targeting high-profile folks like former President Donald Trump or Vice President Kamala Harris. They intercepted routine communications from regular people, like your grandmother calling to remind you to pick up groceries. If your grandma's call got intercepted, that tells you the scale we're dealing with.
Now here's where it gets technical. Salt Typhoon exploited publicly known vulnerabilities in network infrastructure, specifically CVE-2023-20198, a Cisco IOS XE web UI authentication bypass, and CVE-2023-20273 for privilege escalation. They didn't even need fancy zero-days. They just exploited what companies failed to patch quickly enough. The targets included AT&T, Verizon, and Lumen Technologies, but it expanded dramatically to data center giants like Digital Realty, which serves Amazon Web Services, Google Cloud, IBM, Microsoft, and Nvidia. Comcast got hit too, affecting millions of American households.
Between March and December 2024, Salt Typhoon breached U.S. Army National Guard networks for nine months without detection. They stole network configuration files, administrator credentials, and personally identifiable information of service members. That's a direct pathway to other government and military networks.
Three Chinese companies were identified as key players: Sichuan Juxinhe Network Technology, Beijing Huanyu Tianqiong Information Technology, and Sichuan Zhixin Ruijie Network Technology. In January 2025, the U.S. Treasury Department sanctioned Sichuan Juxinhe directly for their involvement.
The FBI and NSA released a joint advisory back in September 2024 warning about this, and FBI Director Kash Patel is currently leading the forensic examinations and witness interviews to map the full scope. But here's the troubling part: cybersecurity analysts believe the hackers are still in various organizations undetected.
The defensive moves are straightforward but urgent: patch your network infrastructure immediately, implement end-to-end encrypted messaging like Signal or FaceTime, strengthen authentication with two-factor authentication, and stay vigilant about suspicious activity.
This operation is part of what former NSA analyst Terry Dunlap calls China's 100-Year Strategy, meaning this isn't random. It's strategic positioning for long-term geopolitical objectives.
Thanks so much for tuning in, listeners. Make sure to subscribe for more cybersecurity deep dives and threat intelligence updates.
This has been a Quiet Please production. For more, check out quietplease dot ai.
This content was created in partnership with, and with the help of, Artificial Intelligence (AI).