Dragon's Code: China's Hackers Hit America's Power Grid While We Were All Sleeping cover art

Dragon's Code: China's Hackers Hit America's Power Grid While We Were All Sleeping

Dragon's Code: China's Hackers Hit America's Power Grid While We Were All Sleeping

Listen for free

View show details
This is your Dragon's Code: America Under Cyber Siege podcast. Hey listeners, I'm Alexandra Reeves, and welcome to Dragon's Code: America Under Cyber Siege. Over the past week, as of this early morning on April 29, 2026, we've seen some of the slickest Chinese cyber ops hammering U.S. infrastructure like never before—think precision strikes from state-sponsored groups like Volt Typhoon, lurking in networks for months. It kicked off Monday with reports from the OT-ISAC energy sector threat advisory, flagging destructive wipers hitting distributed assets beyond control rooms. Attackers exploited internet-facing PLCs—programmable logic controllers—in power grids from California to Texas, using zero-day vulnerabilities in Siemens and Rockwell Automation systems. Methodologies? Living-off-the-land techniques: no malware drop, just native tools like PowerShell and Cobalt Strike beacons for lateral movement, exfiltrating SCADA configs before planting logic bombs. By Tuesday, CISA and FBI dropped attribution bombshells—IP trails, command-and-control servers in Shenzhen, China, and code signatures matching PLA Unit 61398 ops. Affected systems included East Coast substations and water treatment plants in Florida, where manipulated valves nearly flooded reservoirs. Cybersecurity expert Dmitri Alperovitch from Silverado Policy Accelerator called it "the most sophisticated supply chain breach since SolarWinds," noting embedded backdoors in firmware updates from vendors like Huawei subsidiaries. Defensive measures ramped up fast. Wednesday saw Fedsmandate air-gapping for OT environments, per joint advisories with NSA. Companies like Duke Energy deployed AI-driven anomaly detection from Dragos, isolating segments with micro-segmentation firewalls. Lessons learned? OT-ISAC's Marty Edwards stressed patching engineering workstations—80% of breaches started there—and shifting to zero-trust architectures. Government officials, including DHS Secretary Alejandro Mayorkas in a White House briefing, warned of escalation, pushing the UN's new Global Cybersecurity Mechanism launching next month for intel sharing. Experts like Nicole Perlroth, formerly of the New York Times, highlighted on her podcast how these ops blend geopolitics with data integrity hits, targeting identity systems to sow chaos. Prediction markets on Kalshi even bet on blackouts, with hackers double-dipping profits. The siege exposed our DNS vulnerabilities—fake domains mimicking PG&E and ConEd for phishing preludes, per CircleID analysis. We've fortified, but Dragon's Code lingers. Stay vigilant, segment your nets, and audit those IOCs. Thanks for tuning in, listeners—subscribe for more intel. This has been a Quiet Please production, for more check out quietplease.ai. For more http://www.quietplease.ai Get the best deals https://amzn.to/3ODvOta This content was created in partnership and with the help of Artificial Intelligence AI.
adbl_web_anon_alc_button_suppression_c
No reviews yet