This is your Dragon's Code: America Under Cyber Siege podcast.
Call me Ting: cyber sleuth, China watcher, and—let’s face it—proud geek fluent in Mandarin and malware. No time for pleasantries; this week, America’s digital dragons are breathing fire.
First up, the Volt Typhoon crew—China’s elite state-sponsored hackers—are back in action. Their target? Good old US critical infrastructure, and they don’t discriminate. Over the past few days, fresh indicators show they’ve wormed into networks spanning energy grids, water utilities, telecom, maritime systems—the works. One infosec pal at the RSA conference, Alexei Bulazel, put it bluntly: these hackers are “laying the groundwork for destructive attacks.” What’s wild is that Volt Typhoon managed to lurk in some power grid systems for almost 300 days last year, undetected, dicing up operational security like a wok chef with a cleaver.
How? They use zero-day exploits—vulnerabilities so new that even the vendors don’t have patches—mixed with ‘living-off-the-land’ tactics. That means abusing legitimate admin tools, making their traffic look like everyday network noise. It’s elegant, insidious, and very hard to spot. This week, defenders at several east coast water utilities found anomalous PowerShell command logs and suspicious outbound connections, hallmarks of Volt Typhoon’s stealthy methods.
Attribution isn’t just smoke and mirrors anymore. In a hush-hush Geneva summit last December, Chinese officials as much as admitted (with a diplomatic wink) that these attacks—specifically Volt Typhoon—were their handiwork. US officials inferred this was a warning shot: back off Taiwan, or your infrastructure gets it. As my contacts at the Soufan Center point out, Beijing’s hybrid tactics are about more than cyber-espionage; they want to keep the US off balance, especially if tensions escalate over the Taiwan Strait.
So, how are we fighting back? Homeland Security just faced Congress, pushing for more budget and united action. There’s new legislative muscle on the Hill: the Strengthening Cyber Resilience Against State-Sponsored Threats Act. The bill aims to streamline federal defenses, boost incident response, and slap down CCP-linked actors with sanctions.
Techies in the trenches are segmenting critical systems, rolling out new anomaly detection powered by machine learning, and conducting old-school incident response drills—because nothing beats muscle memory when the Red Team comes knocking.
The big lesson? Assume the adversary is already in your network. Hunt actively; trust nothing by default. As Bulazel warned, letting these escalations slide only invites more aggression. America’s digital infrastructure is a battlefield—so sharpen your tools and watch those logs. This is Ting, signing off—until the next code red.