This is your Dragon's Code: America Under Cyber Siege podcast.
Hey listeners, I'm Ting, your go-to gal for all things China cyber chaos, and buckle up because America's under siege from Dragon's Code this week—Chinese hackers dropping BRICKSTORM bombs on our infrastructure like it's Black Friday for backdoors. Picture this: I'm hunkered down in my digital war room on December 17, 2025, caffeine-fueled and firewall-fresh, dissecting the freshest hits from CISA, NSA, and the Canadian Cyber Centre's joint advisory. These state-sponsored pros from the PRC have been lurking undetected for 17 months in some spots, from April 2024 to September 2025, burrowing into VMware vSphere and Windows setups targeting government agencies, enterprise IT like telecom giants, and juicy critical infrastructure across North America.
Their methodology? Sneaky as a shadow puppet show—multi-layer encryption, DNS-over-HTTPS to mask comms, and a self-reinstall trick that laughs at your antivirus. Smarter MSP's roundup nails it: attackers chain this beast for persistent access, exfiltrating data from North American power grids and defense networks without a whisper. Then there's Salt Typhoon, the espionage rockstars Cybersecurity Insiders flagged as the year's nightmare, breaching US telecom departments and national security outfits with zero-days and social engineering. They slurped classified intel on military ops and critical systems, sparking US sanctions fury.
Over in Europe, which bleeds into our mess via shared intel, Check Point Research tracks Ink Dragon—aka Jewelbug or Earth Alux—hijacking misconfigured Euro gov servers as relay nodes for global ops. They're slinging ShadowPad, FINALDRAFT (that Outlook-abusing beast with Microsoft Graph API C2), and Cobalt Strike beacons, chaining web shells on vulnerable apps for lateral moves and data grabs. House testimony from Craig Singleton at the Foundation for Defense of Democracies on December 16 spells it out: China's APT31, tied to the Ministry of State Security, has hit the Czech Foreign Ministry since 2022, mapping NATO networks for long-term leverage. Czech Prez Petr Pavel warned it's a Russia-level threat, all espionage, no sabotage—yet.
Defenses? CISA's pushing YARA and Sigma rules to scan, block rogue DNS-over-HTTPS, harden edge devices, and segment the DMZ from internals. Microsoft patched CVE-2025-62221 under active exploitation, Fortinet fixed auth bypasses in FortiOS, and Anthropic's Royal Hansen testified December 17 on disrupting a CCP AI-orchestrated campaign abusing Claude for speed-scaled hacks—they banned the accounts within two weeks using cyber classifiers. Lessons? Experts like Singleton scream: pre-positioning in ports, telecom, and research is phase one of hybrid war; we're patching frantically but need export controls on AI chips to starve their edge. Proactive vigilance, folks—no more "oops, 17 months later."
Whew, Dragon's Code ain't playing; stay patched, segment, and hunt aggressively. Thanks for tuning in, listeners—subscribe for more cyber spice! This has been a Quiet Please production, for more check out quietplease.ai.
For more: http://www.quietplease.ai
This content was created in partnership with and with the help of Artificial Intelligence (AI).