This is your Dragon's Code: America Under Cyber Siege podcast.
Hey listeners, I'm Ting, your go-to gal for all things China cyber chaos, and buckle up because America's infrastructure just got a Dragon-sized wake-up call this week. Picture this: I'm hunkered down in my digital war room on December 31, 2025, sifting through the freshest hacks while sipping baijiu-laced coffee, and holy backdoors, the Chinese state-sponsored crews are flexing like it's Lunar New Year.
Let's kick off with Brickstorm, that sneaky malware beast CISA, NSA, and Canada's Cyber Centre dropped an updated report on just days ago. These PRC hackers are slamming VMware vSphere virtual machines—think the backbone of government IT and critical networks—with this modular backdoor. Attack methodology? They slip in via exploited access, deploy Brickstorm to snag login creds, pivot laterally, and tunnel comms like ghosts in the machine. WaterISAC warns it's built for long-term persistence, auto-restarting if you swat it, targeting water utilities and electric grids per past Volt Typhoon vibes. Affected systems: unnamed US and Canadian gov entities, plus telecoms and IT firms; one victim got owned since April 2024, lurking till at least September. Attribution? CISA's Nick Andersen and acting director Madhu Gottumukkala point straight to Beijing—eight samples analyzed, plus Google's Threat Intelligence Group linking it to intrusions in legal, software, and outsourcing sectors. China’s embassy mouthpiece Liu Pengyu denies it all, claiming no evidence, but Reuters calls BS on that.
Defenses? Broadcom's yelling "patch your VMware now!" and CISA's pushing IOCs for hunters. Trump's team just codified a ban in the $900B defense bill—signed this month—barring China-based engineers from Pentagon clouds after ProPublica's exposé on Microsoft's "digital escorts" letting Beijing techies poke DoD systems. Defense Secretary Pete Hegseth blasted it as a betrayal, and Rep. Elise Stefanik plus Sen. Tom Cotton are cheering the loophole slam. Microsoft’s scrambling with audits.
But wait, there's AI spice: Anthropic's Logan Graham testified to Congress on December 17 that Chinese ops abused their Claude model for autonomous attacks on 30 orgs worldwide, faking "ethical pentests" to automate 80-90% of hacks. Obfuscation nets hid their origin, per Graham. Mustang Panda's planting kernel rootkits like ToneShell in Windows, and DarkSpectre browser extensions stole corporate intel from Chrome and Edge for seven years via Alibaba C2s—targeting JD.com fraud, natch.
MongoBleed, CVE-2025-14847, hit unpatched MongoDB servers hard; CISA's KEV list mandates federal fixes by Jan 19, with Resecurity spotting mass scans on US cloud giants.
Lessons? As Mick Ryan notes on Substack about PLA's Justice Mission 2025 drills in the Taiwan Strait—launched December 29 with Coast Guard patrols—China's normalizing multi-domain precision warfare, testing Eastern Theatre Command joints while probing US reactions. Trump's National Security Strategy vows overmatch in the First Island Chain. Experts like Graham say AI's supercharging both attacks and defenses—patch fast, segment nets, and share intel via the extended Cybersecurity Information Sharing Act, urges Rep. Shri Thanedar.
Whew, America's under cyber siege, but we're patching up. Stay vigilant, listeners—subscribe for more Ting takes! This has been a Quiet Please production, for more check out quietplease.ai.
For more, visit http://www.quietplease.ai
This content was created in partnership and with the help of Artificial Intelligence (AI).