Salt Typhoon Spills the Tea: China Hacks Americas Routers and Records Your Grandmas Calls

This is your Dragon's Code: America Under Cyber Siege podcast.

Today feels like we woke up inside Dragon’s Code: America Under Cyber Siege, and trust me, if you’re thinking this sounds dramatic, allow Ting to enlighten you! The past days have been a cyber thriller, starring Salt Typhoon—yep, that’s the codename for a Chinese team so bold, not even your grandma’s landline was safe. Salt Typhoon hit nearly every American, according to Michael Machtinger from the FBI. Picture this: years-long breaches against telecoms like AT&T and Verizon, starting back in 2019, and it took until last fall for the US to catch up.

These attacks weren’t picky. Your commute, your water supply, your government emails—Salt Typhoon liked to collect them all. Experts say the hackers geo-located phones, monitored internet traffic, and sometimes even recorded calls. The FBI claims President Donald Trump and Vice President JD Vance made their cameo as victims. Salt Typhoon’s toolbox? Modified backbone routers, lateral moves into trusted networks, and persistence that would make a bad Tinder match jealous. Dr. Richard Horne at the UK National Cyber Security Centre says these hackers exploited known vulnerabilities—stuff that could’ve been fixed with timely updates!

Now don’t think this was a lone wolf gig. Sichuan Juxinhe Network Technology, Beijing Huanyu Tianqiong Information Technology, and Sichuan Zhixin Ruijie Network Technology—three Chinese companies—played lead roles, providing cyber products to China’s Ministry of State Security and the People’s Liberation Army. The FBI’s Jason Bilnoski told CyberScoop that China’s outsourcing to private vendors was actually a weakness. The unregulated web allowed American investigators to trace attacks and expose methods. Let’s hear it for the CCP’s questionable contractor management!

So what are our cyber defenders doing after the Salt Typhoon bomb dropped? Secretary of Defense Pete Hegseth hastily shut down Microsoft’s Chinese digital escort program, where Chinese nationals coded for US military cloud systems. Cue the awkward audit and Microsoft’s scramble for trust rehab. According to ProPublica, Microsoft hadn’t even mentioned its China-based engineers in security filings—whoops. The Pentagon now demands audits of all defense software vendors and, basically, no more foreign coders writing sensitive code.

Defensive moves across the board: hunt for malicious network activity, patch those vulnerabilities yesterday, monitor edge routers, and always check for indicators of compromise. The NSA, CISA, and an alphabet soup of agencies worldwide rushed out a joint Cybersecurity Advisory, shouting “patch your stuff!” at anyone willing to listen. Yet, Jack Burnham from the Foundation for Defense of Democracies warns that big tech needs tough security standards to avoid another trainwreck.

Lessons? Never assume you're too boring to be a target. Patching and active network monitoring are non-negotiable. And the big one—never outsource your digital skeleton key to a competitor! The story’s still evolving, but for now, cyber experts want everyone hunting threats and prepping for the next wave.

Thanks for tuning in to Dragon’s Code with Ting—subscribe, stay patched, and keep your routers close. This has been a quiet please production, for more check out quiet please dot ai.

For more http://www.quietplease.ai


Get the best deals https://amzn.to/3ODvOta