This is your Dragon's Code: America Under Cyber Siege podcast.
Listeners, buckle up—Ting here, your favorite China cyber whisperer, bringing you this week’s sizzling-hot episode of Dragon’s Code: America Under Cyber Siege. The past few days have been a barrage of sophisticated cyber ops, with China-linked groups leveling their sights on key U.S. systems—and some of the tactics are so clever they’d make Confucius blush.
Let’s dive in where the digital dragon struck hardest: California. According to a jaw-dropping security report, a single water utility faced an onslaught of over 6 million hits from China-based IPs in one week. Six million! Security analysts from companies like Mandiant warned this isn’t random noise; it’s classic reconnaissance—probing for weak spots in our critical infrastructure. Think quiet digital burglar, but instead of jimmying locks, they’re sniffing out vulnerabilities in water supplies that millions of Americans depend on. Talk about a way to make a splash without ever leaving Beijing!
Next, let’s talk about the compromise of the Army National Guard network in an unnamed U.S. state. According to a Department of Homeland Security memo, suspected Chinese group Salt Typhoon infiltrated the system for months—March through December 2024—carefully collecting data that could eventually be weaponized against networks in other states. And don’t forget Volt Typhoon and Silk Typhoon, whose attack tempo has doubled since 2023. These aren’t just random hackers; these are persistent adversaries, backed with resources and modern techniques like supply-chain compromise and exploiting zero-days before patches even drop.
For methodology, we’re seeing strategic use of chained SharePoint vulnerabilities. Microsoft recently confirmed that Chinese groups like Linen Typhoon and Storm-2603 exploited undisclosed bugs in SharePoint—often a day before official patches were published. This allowed them to breach major U.S. government entities, including the National Nuclear Security Administration and multiple state departments. It didn’t stop there—one group even targeted Saint Paul, Minnesota, shutting down city WiFi and forcing a return to pen-and-paper chaos. The FBI and the National Guard were called in forensically and logistically—seriously, who knew cyber could snap pencils too?
On attribution, U.S. agencies didn’t sugarcoat it. Patterns in code, command-and-control servers traced back to Chinese infrastructure, and the scale of the campaigns all point directly at state-linked actors. Microsoft even took the drastic step of halting use of China-based engineers on Defense Department cloud systems after a bombshell ProPublica report exposed their access.
Defensively, we’re seeing a turbo-charged rollout of multifactor authentication, rapid forensic investigations by federal cyber units, and the widespread isolating of compromised systems—sometimes shutting down whole networks to stop data hemorrhage. Ken Bagnall, CEO of Silent Push, likens this to a cat-and-mouse game, as attackers adapt faster than cybersecurity teams can patch.
Arnie Bellini, cybersecurity guru, summed up the mood, warning that hidden kill switches and backdoors in imported tech remain the U.S.’s biggest vulnerability—something we’re still, unfortunately, buying.
What have we learned? Supply chain security is everything. Internal vigilance isn’t optional. And the cyber Cold War is just warming up, with both sides, including China and the U.S., flinging digital barbs and even public accusations over state-sponsored hacks. This isn’t just nerds on keyboards—it’s frontline, geopolitical chess.
Thanks for tuning in—hit subscribe so you don’t miss next week’s real-time code war drama! This has been a Quiet Please production; for more, check out quiet please dot ai.