Salt Typhoon Shocker: China's 5-Year Telecom Takeover Exposed!

01/12/2025 4 min

Episode Synopsis

This is your Cyber Sentinel: Beijing Watch podcast.

Hey listeners, Ting here on Cyber Sentinel: Beijing Watch, and boy do we have a week to unpack. It's December first, 2025, and the Chinese cyber offensive just hit a new stratosphere of audacity that frankly makes your standard APT look like someone's kid brother trying to hack their mom's email.

Let me cut straight to it. Salt Typhoon, this absolutely monstrous state-sponsored operation attributed to China's Ministry of State Security and People's Liberation Army units, just got exposed as having maintained persistent access to US telecommunications infrastructure for a full five years. We're talking 2019 to 2024. Former FBI cyber official Cynthia Kaiser actually said it's nearly impossible to imagine any American who wasn't impacted. Your grandmother's call reminding you to pick up groceries? Yeah, they heard that too. These actors had what Pete Nicoletti, chief information security officer at Check Point, describes as full reign access to telecommunications data. They didn't just tap phones belonging to high-value targets like former President Donald Trump or Vice President Kamala Harris. They scraped everything.

The operational sophistication here is genuinely terrifying. Salt Typhoon established footholds and exfiltrated data over five years, which according to cybersecurity experts is almost unprecedented. They exploited publicly known vulnerabilities like CVE-2023-20198, a Cisco IOS XE authentication bypass, rather than burning zero-days. Why waste the expensive stuff when known exploits work perfectly against unpatched systems? They also compromised the Army National Guard for nine months undetected, stealing network configuration files, administrator credentials, and personally identifiable information of service members.

But here's where it gets worse. Three Chinese companies emerged as key players: Sichuan Juxinhe Network Technology, Beijing Huanyu Tianqiong Information Technology, and Sichuan Zhixin Ruijie Network Technology. Sichuan Juxinhe just got sanctioned by the US Treasury in January 2025 for direct involvement. Meanwhile, recent intelligence suggests the campaign expanded from telecom providers like AT&T, Verizon, and Lumen Technologies into data center infrastructure. Digital Realty and Comcast are likely victims according to confidential sources.

The FBI confirmed Salt Typhoon compromised at least two hundred companies across eighty countries, making this truly a global crisis. They've continued operating even after exposure, targeting over a thousand unpatched Cisco edge devices globally between December 2024 and January 2025, infiltrating five additional telecommunications providers and compromising universities including UCLA and Loyola Marymount University.

What makes this strategically significant is that these aren't random attacks. This represents what analysts call a component of China's hundred-year strategy. They're positioning for long-term geopolitical leverage, not quick intelligence grabs.

The federal response includes FBI Director Kash Patel leading forensic examinations of affected devices and witness interviews to map the attack's full scope. The Treasury Department imposed sanctions on the companies involved, while the Federal Communications Commission threatened fines for companies failing to bolster defenses.

Thanks for tuning in to Cyber Sentinel: Beijing Watch. Make sure you subscribe for more deep dives into the cyber operations shaping our world. This has been a quiet please production, for more check out quiet please dot ai.

For more http://www.quietplease.ai

This content was created in partnership and with the help of Artificial Intelligence AI
