Cyber Secrets Exposed: Chinese Hacker Gangs Gone Wild!

This is your Dragon's Code: America Under Cyber Siege podcast.

Ting here, and wow, what a wild ride on Dragon’s Code this week! If you thought your Monday was spicy, try waking up to news that three actual Chinese private companies—not just faceless hacker units—were orchestrating cyber assaults straight out of a Netflix thriller. I’m talking about Beijing Huanyu Tianqiong Information Technology, Sichuan Zhixin Ruijie Network Technology, and Sichuan Juxinhe Network Technology, all working with the Ministry of State Security. So, yes, the headlines weren’t lying: Salt Typhoon is back, and it’s bolder than ever. And if you were in DC, there’s a nonzero chance your text messages were cruising through Shanghai for a quick layover, as China’s hackers tapped into AT&T and Verizon, scooping up communications, location data, and, possibly, your unflattering dinner selfies.

According to a sprawling 37-page report signed by the FBI, CISA, the NSA, and nearly a dozen of our closest allied agencies, more than 200 companies, ranging from telcos to the ever-mysterious “lodging sector,” were breached. And let’s not gloss over the Department of Defense quietly finding out Salt Typhoon had burrowed into a state National Guard network undetected for almost a year. Like, if you’re going to drop a cyberbomb, at least leave a calling card, am I right?

But Salt Typhoon didn’t have the field all to itself. Enter the Qilin ransomware gang—think the French Connection meets a Bored Ape NFT. Qilin specializes in hitting state and local governments, using phishing, exploiting public-facing apps, and even multifactor authentication bombing (so, if your phone starts pinging like it’s the Fourth of July, it might not just be your mom). Qilin’s double-extortion scheme snatches sensitive data, locks up systems, and then threatens to leak everything. The Center for Internet Security pegs them for 25% of all public sector ransomware attacks in Q2 2025. Losses? Up to $40 million in a single clinic, and $91 million in ransomware tracked—and those are just what’s been reported!

Now, how do we fight back? First, cue Nick Andersen from CISA, who calls the Cybersecurity Information Sharing Act “foundational.” This law (which, by the way, might expire soon if Congress doesn’t move!) lets private companies share real-time threat intel with the Feds without fearing a lawsuit if they accidentally overshare. Gloria Glaubman, cyber whisperer from the U.S. Embassy in Tokyo, says most attack surfaces are private. That means utilities, telecoms, and even coffee companies are the canaries in our digital coal mine, first to see Chinese state-backed campaigns slipping through corporate routers—not fancy malware, just living off the land, blending in with legitimate network traffic.

The FBI and Capitol Police are hot on the heels of a new twist: Chinese spearphishing that mimics U.S. lawmakers—like Rep. John Moolenaar—to sneak into inboxes and drop malware by exploiting routine legislative processes. Dakota Cary from SentinelOne describes the use of real private firms for hacking as “inconceivable,” and I’m with him. The MSS doesn’t just have hackers, but an entire cyber-industrial complex—and, no, I don’t see us asking Apple to hack President Xi anytime soon.

The takeaways? Assume everything is compromised—yes, even that mysterious email from your congressman. Invest in incident response drills. And CISA 2015 reauthorization: that’s the legislative shield keeping public-private collaboration alive, and if it lapses, our digital fortresses are one step shakier. The experts agree: ditch the blame, treat victimized firms as, well, victims, and encourage sharing—no more cyber-shaming.

So, gear up your cyber hygiene, patch those apps, and maybe text your representative (on Signal, please) about renewing CISA. That’s it for this week's Dragon’s Code. Thanks for tuning in—don’t forget to subscribe! This has been a quiet please production, for more check out quiet please dot ai.

For more http://www.quietplease.ai


Get the best deals https://amzn.to/3ODvOta

This content was created in partnership and with the help of Artificial Intelligence AI