This is your Silicon Siege: China's Tech Offensive podcast.
Listeners, Ting here, dialing in with fresh cyber intel hotter than a Sichuan hotpot, so hang onto your firewalls. In just the past two weeks, China’s state-backed hackers have really put the “siege” in Silicon Siege. Let’s talk about Salt Typhoon—the cyber syndicate that’s become the bane of US tech defenders everywhere.
This group spent a solid nine months, from March through December of last year, camping out inside a US state’s Army National Guard network. According to a Department of Defense leak summarized by NBC News and analyzed by experts like Gary Barlet at Illumio, Salt Typhoon snatched network configurations, admin credentials, and even traffic logs bouncing between Guard units across every other US state and four territories. That’s like getting God mode access in the cyber-warfare video game. With these prized credentials and diagrams, they can launch follow-on attacks and map entire state-level cyber defenses. This isn’t just theoretical; they actually exfiltrated troves of configuration files from over 70 critical infrastructure organizations—think energy, transportation, water, comms. It’s an industrial espionage buffet. Imagine your home’s blueprints being emailed to a burglar—except the “home” is US infrastructure.
Salt Typhoon’s MO: exploiting years-old vulnerabilities in Cisco and Palo Alto edge gear, like CVE-2018-0171 and CVE-2023-20198. Makes you wonder: why haven’t those firewalls been patched? Erich Kron at KnowBe4 and other cyber folks warn that these sorts of supply chain compromises cascade—one National Guard compromise could snowball into hospital outages or water utility knockouts down the road. As Barlet puts it, US forces now have to assume their networks are compromised and prepare for degraded operations.
But wait, there’s more! Just when you thought it was safe to outsource tech support, a ProPublica deep-dive revealed Microsoft has been letting China-based engineers provide maintenance to Pentagon-connected cloud systems. They use a so-called “digital escort” system—Americans with clearance watch over the Chinese techies, but these watchdogs often don’t have the technical chops to spot clever sabotage or data pilfering. It’s like asking a bouncer who’s never seen blackjack to guard a Vegas casino. Michael Sobolik at the Hudson Institute says the arrangement “beggars belief.” Since Chinese law compels tech companies and citizens to hand over data to Beijing if asked, this creates a gigantic avenue for industrial espionage and IP theft, right at the core of the US defense tech stack.
And just last week, the US decided to partially lift export restrictions on Nvidia’s and AMD’s AI chips going to China, after ByteDance and Tencent knocked at the door for more H20 GPUs. While that’s great for Wall Street, experts are already warning this could turbocharge China's AI capabilities, with DeepSeek and Alibaba rumored to be working on next-gen models even before the embargoes were relaxed.
So, strategic implications? Escalating supply chain vulnerabilities, persistent IP theft risk, and a perpetual arms race in AI. Looking forward, experts say defenders need not just technical fixes but total strategies treating every system as already compromised—because with China’s playbook, that paranoia is probably just realism.
Thanks for tuning in. Smash that subscribe button to stay several cyber steps ahead. This has been a Quiet Please production. For more, check out quietplease.ai.