Ep 9: The New Frontline

1h 41m
Colonial Pipeline was a warning shot. Now, Chinese hackers are inside the digital guts of hundreds of Colonial equivalents across the U.S.—power, water, transportation, and more. The question isn’t if they’re in. It’s why. And what happens next.

Is this digital coercion? A warning to stay out of Taiwan? Is an invasion imminent—and are we ready for the cyber fallout that could come with it?

In the final episode of this series, host and former New York Times cybersecurity reporter, Nicole Perlroth, investigates the nightmare scenarios U.S. officials are gaming out behind closed doors. The battlefield is already shifting—tilting toward Beijing. And while China prepares, America’s attack surface only grows.

This isn’t just a problem for Washington. The new front line runs through all of us.


Transcript

Tonight, we are learning more about a cyber attack forcing the shutdown of one of the main pipelines supplying gas and diesel fuel to the East Coast.

You can see hundreds of cars here, and this is just one gas station.

Drivers here tell me they're waiting up to an hour.

That's where the line starts.

We can't even see where it ends.

The lines for gas getting longer from the Carolinas down to Florida.

Panicked drivers overwhelming gas stations.

It's May of 2021.

Jets are grounded.

Up and down the eastern seaboard, lines at gas stations snake for blocks.

Panicked Americans vie to fill up garbage bags with gas.

I suspected just prices would go way up.

I didn't suspect there wouldn't be any.

We put a stop to the can sales today.

People were coming in and trying to buy, you know, five and ten cans worth of gasoline.

They're just hoarding it.

The partial shutdown of the Colonial Pipeline is causing panic buying.

The U.S. Consumer Product Safety Commission can't believe they had to warn the public about this, but they did.

They warned people about filling plastic bags with gasoline.

The warning comes after images surfaced on social media of the trunk of a car holding bags filled with gas and video of a woman pouring gas into a plastic bag.

Colonial Pipeline.

The 5,500-mile artery that carries America's lifeblood, gas, diesel, jet fuel, from Texas up to New Jersey had been shut down.

A cyber attack took the company's IT systems out of commission, jolting all operations to a sudden halt.

People panicked.

If someone, say China, wanted to wreak chaos and havoc on the United States, this was how to do it.

But this wasn't the work of China or Russia or Iran for that matter.

This was a group of cyber criminals looking for a quick payday.

Colonial Pipeline was hit by ransomware, and the attack didn't even hit the pipeline itself.

But without any way to bill its customers and with shaky confidence in the air gap between employees' computers and its pipeline operation, Colonial preemptively shut that down too.

The country's largest pipeline was out of commission for five days.

And had Colonial Pipeline not paid off its extortionists or had backups they could tap into, the paralysis could have been much, much worse.

Back at the Times, we got our hands on a confidential Department of Energy assessment that found that as a country, we could have only afforded three or four more days of downtime before that attack brought the entire U.S. economy to its knees.

It wasn't so much the gas or jet fuel.

We had the reserves for those.

It was the diesel required to run our factories.

The attack and the dependencies it revealed caught the nation completely off guard.

And China's leaders paid careful attention.

You would see clear panic, you would see clear chaos.

And, you know, just on a very micro level, we saw this with the ransomware attack on Colonial Pipeline that ended up shutting off gas to the eastern seaboard for a couple days.

You saw the panic that that induced.

Well, the Chinese saw that as well.

The Chinese government is watching very closely what is happening in America and some of the fragility that they see, quite frankly, within our democratic processes.

That was Jen Easterly, who led CISA, the nation's cyber defense agency, under Biden.

Cut to present day when China's PLA hackers, right now, right this instant, are inside hundreds of Colonial Pipeline equivalents across the country.

It's not an assessment from the Intel community.

It is not a hypothetical threat.

It is a very real threat that the hunt teams that we have at CISA have identified, and we've found them in transportation, and water, and power, and communications.

But when you talk about what's the breadth and depth of the targets, the answer is we don't know.

We think what we found to date is likely the tip of the iceberg.

The tip of the iceberg.

So what's lurking beneath the surface?

Before I continue, let me say again what I said at the start.

We cannot confuse the Chinese government with the Chinese people.

Paranoia and xenophobia can, and have, pushed nations towards authoritarianism, fascism.

They risk turning us into our worst enemy.

China's grip on our infrastructure has nothing to do with everyday Chinese people, who in too many cases are themselves held hostage by the party's digital dragnets.

And this isn't just a moral distinction.

It's strategic.

Because xenophobia isn't just repulsive, it's reckless.

It fuels violence, pulls us further up the escalation ladder, and drags us closer to a fight that, frankly, the United States is not ready for.

As you'll hear, it's time to pause, prepare, and think hard about where this road leads.

I'm Nicole Perlroth, and this is To Catch a Thief.

If you ask me, the most underreported issue of the past five years is not what's happening on our physical borders.

It is the total collapse of our digital borders.

And the fact, and it is now fact, that China's hackers are at this very moment lurking inside our water, our power, our ports, our communications, our railway, our aviation networks, sitting idle, waiting.

As Andrew Scott put it in the last episode.

And one thing that I really wanted to emphasize here is: I've even gotten questions recently of what's fundamentally different now.

And the answer really is: we've now confirmed they're there.

The PRC is inside the house.

I repeat, the PRC is inside the house.

Through meticulous infiltration of our most critical infrastructure, the PRC has assembled a big red button, one they can press at any moment to trigger nationwide panic and chaos.

That's terrifying enough all on its own.

But then you take a closer look at China's own military doctrine.

In 1999, two senior PLA colonels, Wang Xiangsui and Qiao Liang, wrote a book, a manifesto, really.

They called it Unrestricted Warfare.

And here is a direct quote.

Whether it be the intrusions of hackers, a major explosion at the World Trade Center, or a bombing attack by bin Laden, all of these greatly exceed the frequency bandwidths understood by the American military.

Littered throughout their manifesto are haunting references to bin Laden and a bombing at the World Trade Center.

And again, this was published in 1999, two years before 9/11.

But their real focus was how China could gain the upper hand against the most advanced military in the world.

Their answer?

Unrestricted warfare.

Essentially, their premise is that China should widen the battlefield, go beyond direct military confrontation with the United States, and take the fight directly to civilians.

By hacking into our civilian infrastructure, and they specifically name the U.S. power grid, our banking systems, transportation and telecommunications systems, the PRC could not only physically incapacitate the U.S., but weaken our will to fight.

And they could do all of this without firing a single bullet.

I think if you go to what the Chinese themselves have said, what is in their doctrine, it's pretty clear that the strategy is about holding U.S. critical infrastructure at risk in order to deter our ability to marshal military might and citizen will.

So this is really about inducing societal panic and chaos.

And that would be the result of water systems being polluted or inaccessible, transportation lines being derailed, communication systems being severed, pipelines exploding.

You would see clear panic, you would see clear chaos, and this is part of their strategy to enable them to be able to reunite with Taiwan, something that President Xi has made it clear is a strategic goal.

The thing that is so different and so serious is that this particular threat is not just about espionage.

This threat is about being able to launch disruptive and destructive attacks in the event of a major conflict in the Taiwan Straits.

Taiwan.

For listeners coming in blind, what we've been seeing with these cyber attacks has really brought Taiwan to the fore.

So the Chinese will be cautious about attacking us, very cautious, but they may not be so cautious in attacking Taiwan if the Taiwanese forget the request to not declare independence.

That was Jim Lewis, who specializes in and has been directly engaged in talks with the CCP on Chinese cyber threats.

And like he noted, the CCP has long, shall we say, tolerated Taiwan's de facto autonomy so long as it didn't push for formal independence.

But that shifted when Xi Jinping came to power in 2012.

He took a much harder line on Taiwan.

China's president says unification with Taiwan is inevitable.

President Xi Jinping has said reunification with Taiwan must be fulfilled.

Mr. Xi added that unification should be achieved peacefully, but he didn't rule out the potential use of force to achieve that goal.

Xi said the central government has taken a firm and unwavering stance on national reunification.

In his speech, Xi said that compatriots on both sides of the Taiwan Strait must share in the glory of national rejuvenation.

Unification is the hope of all Chinese people.

If China can be unified, all Chinese will enjoy a happy life.

If China can't unify, everyone will suffer.

Xi steps up the rhetoric dramatically.

He starts calling China's quote-unquote reunification with Taiwan inevitable.

Pretty quickly, he makes clear that Taiwan is the final puzzle piece in his grand vision for what the Chinese Communist Party calls the great rejuvenation of the Chinese nation.

And that great rejuvenation, it's not just rhetorical flourish.

It has a deadline, 2049.

2049 marks the 100th anniversary of the founding of the People's Republic of China.

The CCP sees it as China's comeuppance.

If they consider the century leading up to 1949 as their century of humiliation, as they call it, then the party sees the period between 1949 and 2049 as the century that rightly restores China to its place as a global superpower.

China's made no secret that it hopes to be there by 2049, the Centennial Party.

They're building up their military at an alarming rate.

They want to be the number one economic power of the world and the number one economic military power in the world by 2049.

And in Xi's grand vision, anything less than total reunification with Taiwan would render China's great rejuvenation incomplete.

It's Xi's version of manifest destiny.

And it's not just symbolic, it's a strategic imperative.

In the party's eyes, Taiwan is more than just a renegade province.

It's a U.S. outpost, a threat to China's territorial integrity.

Geographically, Taiwan sits at the heart of the First Island Chain, a natural barrier to China's naval dominance in the Pacific.

Taiwan sits at the heart of what we call in the United States the First Island Chain.

The First Island Chain stretches from Japan through Taiwan and the Philippines to the Malay Peninsula.

This line of defense is designed to stop China's military from expanding into the Pacific.

If you look at the First Island Chain, these are all formal treaty allies of the United States or close partners in the case of Taiwan.

The islands form the first major geographic barrier between mainland China and the Pacific.

The U.S. and our allies see it as a containment line.

China sees it as a strategic chokehold.

And at the center, just 100 miles off the coast of mainland China, sits Taiwan.

A linchpin.

Geographically, militarily, and symbolically.

Because lest we forget China's all-consuming five poisons.

Well, it's the Uyghurs, it's Tibetans with the Dalai Lama, it's Falun Gong, the democracy movement, and then finally Taiwanese independence.

The party worries that the longer it puts off Taiwan's so-called reunification, the more Taiwan drifts away and inspires the party's other poisons, the Tibetans, the Uyghurs, the Falun Gong, and pro-democracy activists, to pursue their own autonomy.

And from that perspective, Taiwan's independence is more than just a geographic impediment.

It's an existential threat.

And then there's the not insignificant issue of the chips.

Although many Americans may not know it, all of our lives depend on Taiwan.

The island has a near monopoly on semiconductors.

So much of the production of advanced semiconductors, especially, are in Taiwan, those chips that we use in our phones, computers, our cars.

Taiwan Semiconductor is one of the best managed companies and important companies in the world.

There's nobody in the chip industry that's in their league, at least in my view.

If data is the new oil, then Taiwan is the Saudi Arabia of semiconductors.

Taiwan Semiconductor, or TSMC, produces more than 60% of the world's chips, but it has over 90% market share where it counts.

The advanced microchips that are mission critical to winning the battle for global economic supremacy, the AI arms race, and the next war.

Because next generation weapons like drones and other AI-enabled precision weapons like smart missiles and autonomous combat vehicles, they require those advanced chips.

The tighter the U.S. squeezes China's access to advanced chips through blacklists and export controls, the more critical China's control of Taiwan and TSMC becomes.

Here's Jim Lewis at our live panel in March.

Every time we've tried to block another country from getting a technology, all it's done is incentivize them.

And this is the fourth or fifth time.

So you don't win through export controls.

But more than anything, experts say Taiwan is personal for Xi Jinping.

It's the great unfinished business of the Chinese Communist Party.

Xi seeks to resolve what Mao and every other leader since has left unfinished.

But Xi is 71, a spring chicken by U.S. political standards.

But if he waits until 2049, the PRC centennial, he'll be 96.

The thinking goes, if Xi moves on Taiwan, it won't be decades from now.

It will be in the next five to 10 years.

What that looks like exactly, we don't know.

Here's Dakota Cary, a China consultant at SentinelOne and the Atlantic Council.

By 2049, the Taiwan question is meant to have been resolved.

How that question is resolved is not part of public communications.

It's not an explicit line to say that there will be either a political or military solution to the question, only to say that Xi Jinping has tied reunification with Taiwan to this 2049 goal of the great rejuvenation of the Chinese people.

We do know from public statements by U.S. government officials that a diktat has been issued to be prepared to take Taiwan by 2027.

And I think it's really important to note that 2027 is the 100-year anniversary of the People's Liberation Army.

And when you zoom out and you go, well, at 100 years, what should a military be able to do?

For China and specifically for Xi Jinping, he thinks that after 100 years of being in service, the military should be able to cross a body of water and take an island that is near to its periphery.

But being ready isn't the same thing as pulling the trigger.

It is true that China has significantly upped its military budgets and been flexing its military might in a series of drills as recently as March and April of this year.

And what the PLA itself called a stern warning.

China has launched large-scale military drills in the waters around Taiwan to deter the self-governing island from seeking independence.

In a show of force, China sent a dozen warships and over 70 military aircraft in drills encircling Taiwan.

China also unveiling a deep-sea cable cutter capable of cutting undersea communications lines up to 4,000 meters deep.

That's almost two and a half miles.

This could sever Taiwan's undersea internet and power lines in a wartime situation.

Now, you'd have to be a fly on Xi's wall to know whether these drills are strategic deterrents, saber rattling, or rehearsals for the real thing.

For the first time ever, this year, Taiwan's annual military drills identified 2027 as the potential timeline for a Chinese invasion.

The Taiwanese military is finishing up a week of rapid response exercises aimed at boosting the island's ability to react to threats from China.

And this week, Taiwan's defense ministry cited 2027 as a year of a potential Chinese invasion for the first time.

Most analysts consider an invasion by 2027 unlikely.

More cite 2029 to 2032 as a pivotal window to resolve Taiwan.

But the reason these timeframes become so important is because it means China would have to start prepping the battlefield right now.

And that battlefield preparation, experts say, would look exactly like the cyber attacks we're witnessing on America's critical systems right now.

Here's John Hultquist, Mandiant's chief analyst.

One of the strange things about this space is that you are fighting the next cyber war now, regardless of how far along it is to the actual game time, right? You have to do it now, because when the big conflict comes, it's too late to root out these adversaries, and it's too late for them to get access. The reality is most adversaries want to be in place in advance so that they're prepared where they are, digging in for contingency.

Now, what's clear in hindsight is rarely clear before the fact.

But looking back on Russia's twin cyber assaults against the Ukraine grid back in 2015 and 2016 is like reading the tea leaves for Putin's eventual military invasion in 2022.

So should we be reading China's incursions into our own infrastructure as tea leaves for a Taiwan invasion?

Even saying that out loud risks falling down the creeping determinism trap.

The economic and military risks to China of a Taiwan invasion would be massive.

But China's cyber assaults on our infrastructure, and by the way, we're seeing various similar intrusions in Japan and Taiwan, suggest at the very least that Xi is keeping his options open and ensuring that if he ever does pull the trigger, the battlefield is already tilted in his favor.

Here's Andrew Scott again.

I think much of what we may see in a Taiwan environment from the PRC is inside Taiwan, very much an intel gathering, maybe disruption of services to support sort of military activity, along with disinformation and misinformation in all of those avenues.

I think the thing that is fundamentally different here that we are most concerned about is the implications for the U.S. homeland.

The implications for the U.S. homeland.

This brings me to Matt Turpin.

Turpin spent his career tracking the PRC's battlefield preparations.

His resume spans decades and administrations.

As Xi was stepping into power in 2012, Turpin was in Honolulu, serving as the chief war planner for the U.S. Pacific Command.

In 2013, he moved to the Pentagon, where he served as China Advisor to the Chairman and Vice Chairman of the Joint Chiefs of Staff under Obama.

When Trump first came to office, Turpin became China director to the National Security Council and Commerce Department.

These days, he's a senior advisor at Palantir and visiting fellow at Stanford's Hoover Institution.

And in his view, we are already locked into a Cold War with China.

It's just that only one side has admitted this to ourselves.

And I should warn you that when Matt Turpin talks, things get very real very quickly.

I think we should be very clear that Beijing is next to certain that the United States would intervene militarily if they attack Taiwan.

So if you take that as a given, so if Beijing calculates that the United States is going to intervene militarily, and I think increasingly just kind of over the past three, four years, they've increasingly concluded that Japan would also intervene militarily.

And we've seen similar sorts of actions across Japanese infrastructure, then you need to develop and create the kinds of capabilities that would make that intervention much more difficult.

And that means sort of a whole-scale look at the infrastructure that would support any sort of U.S. military mobilization.

Now, we may think of this as sort of a regionally contained conflict, but of course, as soon as the U.S. and the PRC are involved in direct military conflict, it will become a global affair.

So they have looked through our entire infrastructure chain to figure out where do they place themselves to ensure that they have optionality to be able to do that.

And if they're willing to sink U.S. aircraft carriers, then they're going to be willing to turn off U.S. energy supplies and pipelines and refineries and go after factories.

Like, we just should be very clear that if they've made the decision to start killing American service members, it isn't as if they're going to say to themselves, well, we just kind of think the U.S. infrastructure is off the table.

So I think we have to be very clear about where this goes.

And so all of the folks that run that infrastructure need to be very serious about: you're a target of a nation-state actor for destruction and disablement.

Which brings me to the crux of our national security predicament, the one few in our country seem willing to accept.

And it's this.

If you manage any system that Americans depend on, be it a hospital, a water treatment plant, the grid, a port, a pipeline, air traffic control, or any of the technology that those systems rely on, you are right now a prime target for a catastrophic Chinese cyber attack.

You are the new front line.

And the reason you have to worry about this right now is because in order to destroy or disable any of those systems, you don't just hack them the day you attack.

You have to get in there well ahead of time.

Here's Dale Peterson.

You may remember Dale from the last episode.

He specializes in the security of critical systems.

You have to pre-position yourself if you want to be able to do this.

I actually wrote a paper on this, I think, back in 2014, that the leaders of a country can't just go to their cyber arm, their equivalent of whatever their offensive team is, and say, I want you to bring down this power, this manufacturer, every critical infrastructure in this region, and expect it to happen the next day.

You have to be pre-positioned.

You have to learn their system.

You mentioned Stuxnet earlier.

You look at all the time involved to create that system.

So you have to do the work ahead of time so that you can press the button if you choose to.

Stuxnet, if you'll recall, was a surgical U.S.-Israeli cyber strike that sabotaged Iran's nuclear program.

But Stuxnet's code was only half the magic.

The other half was in the years of preparation, the groundwork, learning the system, sneaking the code in on a USB stick, the pre-positioning.

And that is exactly what China is doing with its living off the land attacks.

Only this isn't a precision strike.

It's a mass infiltration campaign targeting hundreds of critical systems, power, water.

And these systems, they're far easier to infiltrate than Iran's nuclear lab.

The bulk of our gas, our water pipelines were built decades ago when their primary threat was a tree root, not nation state hackers.

You're talking about networks and environments that for decades have been architected and run in a way that was never intended to take into account these sorts of risks.

They were intended to take into account how do we maintain delivery of services in the event that a water pipe breaks or a lightning strike takes out a power generation facility.

Volt Typhoon, China's elite infrastructure hackers, have radically changed the calculus.

For now, they're lurking, lying in wait.

The fear is what happens when or if they decide to detonate on the access they already have?

The everything, everywhere, all-at-once cyber attack.

To state it plainly, should they so choose, the PRC has the capability to cut off our access to water, power, transportation, gas, and a shutdown might be our best case scenario.

The worst case scenario?

It's almost too gruesome to spell out, but we've caught flashes.

In the summer of 2017, Russian hackers launched a more brazen and potentially much more dangerous attack, this time on Petro Rabigh, a massive oil refinery along the Red Sea in Saudi Arabia.

On a Friday night in August, a safety system triggered the whole plant to shut down.

The hackers made a small coding mistake and they ended up shutting down the refinery instead of triggering a deadly explosion.

Saudi Arabia, 2017.

Russian hackers got into Petro Rabigh, a major petrochemical facility, and were able to shut off the safety locks that prevent an explosion.

Hackers have already demonstrated they have the ability to contaminate our drinking water by hacking into the chemical controls at water treatment facilities.

Now, none of these scenarios have come to fruition, but what these incidents and Colonial Pipeline and Stuxnet before them did show was the art of the possible.

With China's strategic embedding of our critical infrastructure, they could do more than cut off access to power, water, gas.

They could contaminate the drinking water, trigger explosions at pipelines and chemical factories, send planes colliding or trains careening off track.

And in the everything, everywhere, all-at-once cyber scenario, they could do it all simultaneously.

We just had a very real glimpse of what happens when air traffic control goes dark over one of the busiest airspaces in the country.

And that was just for 90 seconds.

A major communications breakdown at Newark Airport.

Sources telling ABC News tonight air traffic control computer screens went dark for up to 90 seconds.

Controllers losing communications with packed passenger planes approaching for landing and planes taking off.

Unable to see, hear, or talk to the pilots of the aircraft, pilots could be heard learning of the outage over the radio.

A number of controllers on duty during that outage so shaken they've now taken medical leave.

Now imagine that wasn't an accident.

Imagine it was a coordinated cyber assault.

One that didn't just hit Newark, but air traffic control nationwide.

What political appetite do you really think we'll have to support an island 7,000 miles away when we can't get internet?

We're under a boil order.

Flights are grounded or worse.

I think we all know the answer.

And Beijing does too.

I say this not as somebody who knows Taiwan well, but as somebody who spent 21 years as an army officer, being an intelligence officer where you are always trained to think like the adversary, it's the adversarial empathy that I think ultimately makes me a better defender.

You want to take out the power, you want to take out the communications, you want to take out the rail lines, you want to affect the basic life services and hold that at risk to, you know, essentially force your adversary to give up for citizens not to have the will to fight.

Now, a word of caution here.

Just because the CCP can pull the trigger doesn't necessarily mean that they will.

It's possible they simply want us to know they can.

Here's David Barboza, my former Times colleague whose reporting put him in the CCP's crosshairs back in 2012.

China is like incredibly strategic.

I don't need to pull the trigger.

I can use a lot of different leverage points to scare you or to intimidate you.

So I could pull it, and it depends whether I will pull it, but just you knowing that we're in that infrastructure, they can say, we have some leverage into everything.

And, you know, we may not use it, but just so you know, just so you, when you think twice about doing something, that we also have this.

And here's John Hultquist again.

There's some question over whether those are signaling things, right?

They want us to know that they can get access, right?

And then they sort of hold that access over our heads and maybe change our calculus.

Or if these are practical targets that they expect to have military effects, right?

Or essentially potentially slow a military response or change our ability to respond in any conflict.

The weird thing about almost all the critical infrastructure stuff I've covered in my career is a lot of it wasn't about practical effects.

A lot of it was probably about just undermining the adversary, like trust in the adversary.

Your power goes out for a few hours, power outages happen, whatever.

But you recognize now that the foreign power did it, and suddenly you distrust the government's ability to secure you.

Psychological warfare.

That's what David and John are getting at.

Maybe it's not the everything-everywhere scenario.

Maybe it's a gun to our head, just knowing our infrastructure is held hostage, to make us think twice about defending Taiwan.

Now, again, you'd have to be in Xi's inner sanctum to know the end game.

I don't actually believe China is just going to send American passenger jets colliding, at least not until we're in the throes of World War III.

That's precisely the kind of attack that, if recent history is any guide, would push Americans towards a fight, not away from it.

More likely, in my view, is a strategic blackout here, a pipeline shutdown there, an outage of air traffic control, maybe just for a few minutes or hours, maybe a day or two, just long enough to send a chilling message.

Stand down or Americans will feel real pain.

That's the thinking behind why Russian hackers only cut Ukraine's power for hours, not days, back in 2015 and 2016.

It was to shake their confidence, their resolve, and it didn't work there.

But here, we're far more digitally dependent than Ukraine ever was.

And if there's one takeaway from 2025, it's that our politics can make us an unreliable ally.

China sees these cyber attacks as leverage.

They watched the panic and chaos that ensued from the Colonial Pipeline ransomware attack.

They also watched the U.S. support for Ukraine and its more recent backpedaling.

It's not clear Americans have the stomach for a drawn-out fight, especially one that hits home on American soil.

Here's Jen Easterly and I discussing this point just ahead of the 2024 election when she was still leading CISA.

So we've heard a lot of different theories about these living off the land attacks on our infrastructure.

Dmitri Alperovitch has said he thinks it's an effort to delay military mobilization.

Others have said that this is a great political lever to pull.

It might make us think twice before we would support Taiwan militarily when we know that China's inside and could shut off our gas or shut off our access to clean water.

Others say, watching Ukraine and the political debates about continuing funding for Ukraine, perhaps there would be an event where we would support Taiwan, but China could basically use their access to diminish the political appetite of Americans to continue to support Taiwan if, say, they couldn't get gas for more than three days.

Some have said this is just the new era of mutually assured digital destruction.

We're all in each other's business.

We're all sort of holding a gun to each other's heads, saying you better think twice before you turn off access because we could turn around and do the same to you.

But you're really in the nexus of this.

What in your mind is their end goal?

Well, I wouldn't choose like A or B or C.

There's probably a little bit of all of the above in the scenarios and the rationales that you just painted.

The Chinese government is watching very closely what is happening in America and some of the fragility that they see, quite frankly, within our democratic processes.

And this is part of their strategy to enable them to be able to reunite with Taiwan, something that President Xi has made it clear is a strategic goal.

And to your point on Ukraine, I would just comment that I think we all need to recognize that the defense of Ukraine is the deterrence of China.

China is watching very closely whether we end up just giving up on Ukraine because it sends a message to what our political will would be in the event of an invasion or a blockade of Taiwan.

And I think it's one reason why it's so important that we continue to be very forward-leaning on the support that we're providing to Ukraine, along with our international partners, as well as the private sector.

As of this recording, President Trump's position on Ukraine has been anything but consistent.

He initially cut off military aid and intelligence sharing, only to reverse course a couple of weeks later.

More recently, he's been threatening Putin with sanctions if the missile strikes on Ukraine don't stop.

But all of this could shift at any moment.

Under Trump, the U.S. has revealed itself to be an unpredictable trading partner and military ally.

Taiwan might still be able to count on the U.S. coming to its defense, but what appetite will Americans have to support an island halfway around the world when we can't get access to clean water or even just working Wi-Fi?

So let me just go back to one thing that you said that I think is important.

Colonial Pipeline is always the canonical one we go back to.

But frankly, think about CrowdStrike just July of last year, when a lot of people couldn't access a lot of things.

Now, that was for a short period of time, but think about that disruption that was not just a technology outage or a bad update, but rather a deliberate disruption that could be in place and unable to just turn back.

Think about that for weeks and months on end.

We've largely shifted the focus to China's attacks on our infrastructure, but lest you think the CCP has let traditional intelligence go by the wayside, let me introduce you to Volt Typhoon's colleagues, Salt Typhoon.

In early October 2024, news broke that America's biggest telecoms, AT&T, Verizon, T-Mobile, and others we don't even know about yet, had been hacked by a Chinese group that Microsoft calls Salt Typhoon.

According to the White House, China's Salt Typhoon hack has now been underway for upwards of two years, hitting at least eight of the major U.S. telecommunications providers.

FBI and federal cybersecurity officials say these Chinese government-affiliated hackers managed to steal records, intercept some voice calls, even penetrate the wiretap system used by the Justice Department to investigate people suspected of crimes or spying.

Chinese hackers breached U.S. telecom and internet service providers, accessing the cell phones of top U.S. officials and private citizens.

Salt Typhoon is now considered the most significant cyber intrusion we've had on our telecommunications systems to date.

And we're still unpacking the damage.

We know that they accessed the private calls of President Trump and J.D. Vance, Kamala Harris's staff and Chuck Schumer.

We know they got access to metadata, texts and phone calls.

And perhaps most damaging of all, we know they got a counterintelligence gold mine.

Based on what we know about what Salt Typhoon accessed, it's the type of system that is the coin of the realm in intelligence and counterintelligence games on the street.

When you think about the people who are asked to protect U.S. secrets or go identify and collect secrets from foreign governments, it comes down to actual people who are doing that work in and outside of allied and adversarial countries.

And their safety is at risk when those people are identified.

And some of the information that was accessed through Salt Typhoon allegedly would help those individuals and would help the Chinese state identify known and unknown intelligence officers that are operating in the U.S.

And when you access that type of information, people's safety can be at risk.

That was Dakota Cary speaking to China's hacks of our biggest telecom providers.

And the worst part is, we don't even know if they're out.

In fact, we have to assume they're still inside.

And now the FBI is warning Android and iPhone users to be careful when texting one another, urging them to stop sending unencrypted text messages.

According to officials, the Chinese hackers hacked into the SMS system.

Stepping back here, if China can access our most personal data, eavesdrop on our highest level officials and our most private moments.

If they can manipulate our supply chains and have the power to disrupt our critical infrastructure at will, then we don't control our own destiny.

By any honest definition, we're not a sovereign nation.

That is where we are.

Now, here's where I'm often asked.

Aren't we in their systems too?

Can't we do the same to them?

And aren't we better?

It's what I call mutually assured digital destruction.

China and Russia are in our infrastructure, and we're in theirs.

We know less about what the U.S. is doing overseas, but it's no secret that the U.S. is actively exploiting these systems too.

Here's Dale Peterson.

This is being done now by everyone, including the U.S., across the world.

You can find just as many quotes from Chinese leaders complaining about U.S. hacking into Chinese systems.

It's the state of the world right now.

What is interesting is there is a line.

While there aren't official agreed upon cyber norms in this theory, there is a line that you can say, I can do up to this and it will be accepted without retaliation.

Starting about seven years ago, U.S. officials began publicly acknowledging their own digital forays abroad.

It was part of a strategy that then NSA Director and Cyber Command Chief Paul Nakasone called Defend Forward or persistent engagement.

Our strategic approach is persistent engagement.

We seize the initiative in this domain.

We are not ceding space or time to our adversaries.

This approach is shaped through campaigning with our Defend Forward approach and our supporting relationship to the priorities of the joint force.

This allows us to hone our focus, knowing where to commit ourselves, effectively managing resources and risk, while in a constant state of adversary engagement.

But if we're really counting on mutually assured digital destruction to hold China back, we need to take a sober look at just how mutual that destruction would be.

And the hard truth is that the battlefield may be tilted in China's favor.

For one, we live in the glassiest of glass houses.

Our digital attack surface is larger by a significant margin.

We dove headfirst into cloud computing, smart devices, automation, and now AI.

It makes us incredibly efficient, but also deeply vulnerable.

When it comes to our core infrastructure, our economy, our everyday life, we're simply more reliant on tech than they are.

Secondly, most of our technology, routers, phones, chips, even the cranes running our ports, it's made overseas, much of it, in China.

Meanwhile, China controls its supply chains and runs a closed internet, the Great Firewall, giving it far greater visibility and control.

Third, the Chinese Communist Party is willing to absorb massive amounts of pain in ways that, frankly, we aren't.

Think back to Mao's Great Leap Forward.

Millions died from famine and the party didn't flinch.

That legacy still shapes the party's tolerance for suffering in pursuit of strategic goals.

Here in the U.S., Americans can stomach a day without TikTok.

Even after Congress voted to ban TikTok or force China to divest, the PRC didn't blink.

We did.

What happens when it's not access to TikTok, but clean water?

And finally, when it comes to offensive cyber attacks, as a democracy, we play by different rules.

On that, here's Rob Joyce, NSA's former cybersecurity chief, who previously led hacking teams at NSA.

We are a rule of law country, and there is an effort in the law of armed conflict where you need to be differentiating military targets from civilian targets.

You need to have proportionality.

The things you do must impact the military effects more than the civilian effects.

And so when people say we ought to turn the lights off and shut off the water and stop the planes or crash trains, we don't do that because it's disproportionate on the civilian population.

And that's where the differences arise.

We would never get through the lawyers the ability to hold them at risk the way they're currently in some of our infrastructure.

And that's the differentiator.

Here's what most people don't realize.

We are locked in a cyber battle where only one side is actually authorized to attack civilian systems.

By law, the U.S. can't hack civilian targets like the Chinese power grid or its water systems unless it directly supports some PLA purpose.

Here's Dakota Cary on that small but critical point.

When we consider what is an appropriate target in cyber operations, one of the key distinctions when we talk about operations against foreign adversaries or foreign militaries is that when considering attacks on critical infrastructure, the U.S. would require that critical infrastructure be supporting a military asset.

For example, an electrical grid attached to a military base or an electrical grid on the military base itself.

We have very distinct targeting requirements for what would count as acceptable use in both cyber operations, but also in kinetic operations.

A lot of the public, shall we say, attention drawing to Volt Typhoon on the part of the U.S. government, I believe, is because China is pre-positioning on civilian critical infrastructure that does not serve a direct military purpose.

And in doing so, our government is trying to, I think at the track one and two level, in direct communications with China, has communicated that attacks on civilian infrastructure that do not serve military purposes are unacceptable.

Track one and track two diplomacy.

Track one is official government-on-government communications, U.S. officials meeting directly with their CCP counterparts.

Track two is unofficial communications between non-government actors.

Jim Lewis is a regular presence in those track two dialogues.

Last year, he broached whether the PRC would be open to drawing red lines around civilian targets like water.

I don't negotiate for the U.S. government, but I will occasionally ask questions that the U.S. government has asked me to ask.

And the answer was no.

We're not interested.

Some of these are people I've known for a long time.

They had a good point.

It's like, look, five years from now, 10 years from now, we're going to be much stronger than you.

So why should we make a deal with you now?

Because we'll have a better hand to play five years from now.

So the answer was no.

So long as the U.S. abides by the law of armed conflict, there will be targets that are off-limits to us, but fair game to the CCP.

And they know it, which starts to make the "mutual" in mutually assured digital destruction ring a little hollow.

I used to think that the Chinese had an advantage because when they showed up, they never brought lawyers.

We, of course, had thousands or even millions of lawyers with us.

It's like, geez, one time I said, the worst thing we could do to you people is teach you to do this rule of law.

And speaking of red lines, here's Jen Easterly in conversation at our live panel in March.

Well, first of all, they're not tiptoeing over the line.

They're like way over the line, man.

They're like, I mean, this was the whole point, right?

This is not a theoretical threat.

It's a very urgent threat where China is deep into our critical infrastructure, water, power, transportation, communication.

Specifically, to lay in wait so they can launch disruptive and destructive attacks.

I think that is way over the line.

So here we are.

China has tilted the digital battlefield in its favor.

They're not respecting red lines.

They've already crossed them.

They're inside the house, inside our most critical infrastructure.

And as tensions rise with Trump's trade war, the escalating rhetoric, this dangerous game of chicken, the economic entanglement that once acted as a brake is giving way.

And that may have been our last real deterrent.

A cyber war with China isn't inevitable.

But with every breach of American infrastructure, it's clear they're preparing for one.

As for us, we're only expanding the attack surface, and we've barely begun to think about new modes of deterrence, not just in cyber, but across government.

Here's Rob Joyce on that point at our live panel last March.

When I said, don't use cyber against cyber, I don't mean don't use it.

It's got to be part of a whole portfolio of things.

There's got to be from the very top a strategy and aggressive messaging that we won't tolerate this.

There's got to be diplomatic law enforcement.

There's got to be some of the naming and shaming, some cyber.

We've got to use that whole portfolio and in very aggressive ways.

So I'll ask this question, right?

When we get annoyed by the actions of another government, what do we often do?

We expel their diplomats, right?

We expel their spies.

I have never seen us expel somebody because of a hack.

They're in our infrastructure, and there has been no diplomatic repercussion for that.

Those are the kind of things that, you know, we've got to turn the knob up and use all of that portfolio.

Recently, we've heard various Trump officials talk about the need to pull the gloves off and punch back in cyber.

Here's Alexei Bulazel, the highest-ranking cyber official on Trump's team and the head of cyber at the National Security Council, speaking at RSA, the security conference, back in April.

I think there's a lot we could do to impose costs on these adversaries.

Say, if you come do this to us, we'll strike back at you, we'll punch back.

I'm very interested in, again, working on offensive cyber and destigmatizing and normalizing the use of offensive cyber as a tool of national power.

I don't necessarily disagree with what he's saying.

We've absolutely handcuffed ourselves on offense.

But if we plan to go full tilt on offense, we sure as hell need to shore up the defenses.

Because from what I've seen, cyber is not unlike physics.

For every action, there is an equal and opposite reaction.

Every cyber attack has a way of boomeranging back.

Unlike bombs and traditional weapons, we don't just drop these things and watch them blow.

This is code we're talking about, and code can be dissected, reverse engineered, and ultimately turned back on its maker.

So if we're going there, then cyber defense absolutely should become our number one national priority.

And that defense has to go beyond government targets because we know the CCP doctrine, unrestricted warfare on civilian systems.

And we don't just know it, we're seeing it.

We don't know if or when they'll pull the trigger or how far they'll go, but it's long past time we pull our heads up out of the sand.

This is happening.

Pretending it's not is a losing strategy.

It guarantees America loses before the real battle has even begun.

We don't want to be scaring the hell out of people because that's not effective.

When you scare people, minds just close off and they really don't want to talk about horrible things happening.

So they'll just, you know, ignore it and go do something else.

And you don't want to be seen as the, you know, the girl that cried wolf.

You know, you as a storyteller know that.

The other thing is we do not talk about this threat without talking about all the things that we're doing and can do about it and what businesses, large and small, can do about it.

And that's what I think is the important thing.

In the 15 years I've been tracking cyber threats, one thing has held true.

Human nature tends to ignore the warning signs until it's too late.

Even those who are running our most critical infrastructure don't want to believe that they're targets.

They want to think that this doesn't apply to them or that they're immune until they're not.

People don't get religion on cyber until they're breached.

And only then do they truly understand the stakes, take stock of their dependencies, and do what is necessary to limit the blast radius for the next attack.

Everyone else, we're just waiting our turn.

And that's where the real danger lies because the targets we're seeing Chinese hackers infiltrate, these aren't paint and beverage companies anymore.

Without solid mitigation and recovery plans in place, it's not just going to be disruption.

It's game over.

There might be nothing left to recover.

Here's Dale Peterson.

And just a quick definition repeat here.

Dale will refer to OT systems.

It stands for operational technology.

If IT is the business network, OT refers to the computers that control the pipeline, the grid, the actual train switches on the track.

A lot of these companies have never suffered a major impact, an outage, a financial loss, equipment damage due to a cyber incident on OT.

So there's still this belief that they're immune to the OT security threat.

If you even look at the numbers, we're seeing about 75% of the OT outages over the last two years, when there is actually something that happened in cyber that caused a factory or a water utility or anything like that to go down and not be able to do its physical function.

That was ransomware on IT.

So that's still by far what's causing the most problem.

It's almost this barbell issue.

You have these common attacks that you have to worry about, and then you have these potentially very serious attacks for a company or a community or a country.

And that's the one that really isn't getting the attention.

I think that's, you know, when you keep going back to China, that's the one that's a little scary because we're not up to that challenge today.

How we rise to that challenge is the question we all have to reckon with.

I wish I could tell you it's as easy as setting up a firewall and updating your antivirus software.

But unfortunately, it's a lot harder than that.

I've long said that if cybersecurity was purely a technical problem, we would have solved it decades ago.

But we didn't solve it.

And that's because technology is only part of the solution.

This is a whole of society problem.

It's an education problem.

It's an incentives problem.

It's a question of resource allocation.

It's a leadership problem, a culture problem.

To truly solve our cybersecurity predicament requires a complete rewiring of how we think about our borders.

Americans still like to pretend we live on an island, protected by two vast oceans.

But on the internet, those oceans no longer exist.

Our enemies, they're mere milliseconds away.

And in too many cases, they're already here.

So I think we have to hope for the best and plan for the worst.

And what I mean by that is there's no way to definitively know what you're describing, whether what we're seeing on a network is simply intended as a signal of here's how bad it could be, then a choice not to employ that capability, or if it might be multiple networks all at once where they're disrupted.

particularly concerned across government is the breadth of the pre-positioning that we see.

We see it in the transportation sector.

We see it in the water sector.

We see it in the communications sector.

We see it in the energy sector.

And the worst day is an everything, everywhere, all-at-once scenario.

That all of a sudden, you know, some other factor or thing happens in the environment.

And all of a sudden, we see disruption in multiple sectors simultaneously with services to the American public going out.

Now, that may not be what actually happens, and it may be that nothing happens.

But with what we see here at CISA, we can't afford to hope that that's not the outcome that we come to.

And so that's where we are really taking an approach of saying we have to sort of drive security with industry.

So industry helping these customers defend their network.

And we have to drive resilience within these networks so that even if they're disrupted, they know and can operate in a degraded environment.

That was Andrew Scott.

And what he's talking about here is cyber resilience.

Now, resilience can come across as just a buzzword or worse.

If you turn your attention to what to do once intruders are inside, it might seem like you're throwing up your hands, throwing open the doors.

But shifting our focus to resilience isn't giving up.

It's facing the reality of the situation.

If we can't deter them from getting in and we can't keep them out, then how do we make sure that the worst day is not the last day?

That a breach of you, of your supplier, of your local water department, the power, that it's limited in scope, in duration, in impact?

How do we sort of prepare for and do all the things that we need to in order to ensure that the critical services that Americans rely on every hour of every single day can maintain delivery in a degraded or contested environment should the PRC undertake an effort to reunify with Taiwan because we think there's real risk.

So for us, that confluence of what we at CISA have found through our victim engagement of, no, they are on these networks, they have access, they could pivot to operational technology environments if they wanted to and if directed to, it's a clearing call to action both for us as well as all of our industry partners to do everything that we can to prevent those goals from becoming a reality.

A clarion call to action.

Which brings me to you, dear listener.

It's incumbent on each of us to think very hard about where we fit in this ecosystem, because it only takes one of us to be an entry point or a roadblock.

It is true that security is only as good as its weakest link.

And in too many cases, that weak link is us.

Hackers aren't breaking in anymore.

They're logging in.

They're using our recycled passwords.

They're exploiting our lack of multi-factor authentication.

That's how hackers breached Colonial Pipeline and, more recently, Change Healthcare and the entire health system with it.

We need to start taking cyber hygiene dead seriously.

But we also need to start gaming out fallback systems that hold even when the lights go out.

I'm talking about backups, backup control rooms, backup data rooms at alternate locations, tighter controls, air gaps.

So if a hacker does get into the business systems of, say, Colonial Pipeline, they can't de facto shut down our pipelines too and take the nation down with it.

Or if they do get into the pipeline, we have ways to override their commands, to limit the scope and hasten the recovery.

Back to Dale Peterson.

Any company right now has to say, my IT network could be compromised at any time.

Any sort of security program I've put in place, I can't feel highly confident that this will not happen.

So I'm going to assume it happens.

What is my response and recovery?

And not that there won't be pain, but will the pain be acceptable?

And that should be doable for most companies.

But it seems like every time it happens, it's a big surprise.

And I think that we're really missing the boat when it comes to recovery almost more than we are on the security angle.

There's a great untold story in the early days of the Ukraine war.

The abbreviated version is that Russia launched an unprecedented cyber assault on Ukraine from all angles.

It didn't get much attention at the time.

It still doesn't.

Especially when the bombs started to drop.

But in those first days, Russia launched an attack on Viasat, the internet satellite broadband provider, that cut off Ukraine's access to the internet.

But in came Starlink, which kept Ukraine's connection to the outside world alive and really gave the country a fighting chance.

Russia did launch an unprecedented denial of service attack on Ukraine's banks, on government agencies, but in-stepped Amazon and Google and Cloudflare, and they were able to mitigate the onslaught.

Russia did get into Ukrainian power stations, but security experts in private industry and at Ukraine's cyber defense agency and our own detected the malware before it was time to detonate, and they rooted it out.

That is cyber resilience.

Here's Heather Adkins, who you may remember from our first episode as a founding member of Google's security team.

You cannot prevent everything.

And it will ultimately come down to how quickly you recover.

Super inspiring to see what the Ukrainians are doing.

They get hacked, they recover.

Infrastructure keeps going.

And I think that that is a lesson for all of us doing defense.

You should be 100% focused on prevention and recovery.

It's not one or the other.

Do both.

You'll prevent as much as you can.

Eventually, something will get through.

You should be recovering fast and recovering

A big part of this is gaming out the worst case scenarios.

Resiliency is taking stock of your crown jewels and all of your dependencies.

It's asking yourself one simple question.

What is my one thing?

The one thing that if it were to be taken or degraded would be game over for you.

And then it's asking, how do I wrap that asset with as much protection and redundancy as possible?

Your answer to this question will vary depending whether you're answering it as an individual or as a professional.

As a mom, my one thing might be photos of my kids as babies, letters from deceased relatives.

So I do what I can to prevent those from getting hacked.

I use MFA.

I use a password manager.

But resilience is accepting that they might be stolen or that I get hit with ransomware.

So I also back them up on hard drives and keep those offline.

I print those photos out.

I make copies.

These days, it only takes 15 seconds of a voice recording to be used in a deep faked phone call.

So I have individual code words with my kids.

If they call me in distress, my first question will be, what's the code word?

As a journalist, it was very different.

My one thing was my sources.

So in the most sensitive cases, I took those conversations completely offline.

I met in person.

I didn't drive to meetings in my car, which is now a smart device.

I didn't take Uber.

I didn't even bring devices.

I used pen and paper, and I made my notes unintelligible to anyone but me, so that if or when anyone got a hold of them, it wasn't an all-out compromise.

That same thinking and vigilance should guide companies.

There's a line I think about a lot from Andy Grove, the former Intel CEO.

Only the paranoid survive.

You should absolutely do everything you can to prevent the breach, but perfect security is a pipe dream.

So you need to think long and hard about what happens when they do get in, because the odds are they will.

So you need to make sure the compromise of one account, one supplier, one pipeline doesn't lead to a whole nation shutdown.

You have to run tabletop exercises starting from hour zero through however long it takes to get you back up and running.

And you need to do this repeatedly until it becomes second nature to you, to your company, to our culture.

In the military, you always talk about the most probable course of action and the most dangerous course of action.

You work through the most serious, dangerous course of action and you exercise through that so that you're working through, well, what will I do knowing that these systems will come down?

And what do I need to do to build them, to have the right workforce, to have the right architecture so that I can respond rapidly, but that I can recover within this certain time, recovery time objective.

So, you know, I'm not going to be down for two weeks.

I can be down for three days.

And you work through that very deliberately.

Ultimately, at the end of the day, you know, some of this is a goal of make a cyber attack have the same effect as a lightning strike.

Can we live without power for a day, an evening, a couple days, because you're reconstituting the physical infrastructure?

Absolutely.

It happens all the time.

I think the real key is how do we prevent these outcomes from being sustained in duration?

I do think it's vital for each of us to be more aware, more vigilant, but I want to be realistic here.

Saying that one individual alone can guard themselves against the full might of a major world power is absurd.

It's like saying that one person's decision to use a single paper straw is going to resolve climate change.

You should absolutely be changing the default password on your home router, using MFA where you can.

But that's not going to do any good if router makers keep shipping us devices with gaping holes in them, then refusing to service those devices with patches or other technical support once they reach end of life.

That's on them.

And because these companies are more beholden to their shareholders than they are to the security of their customers, it's really on government to force it upon them, to mandate that they sell software and hardware that's secure right out of the box.

Like automakers, if there is a defect, they should be forced to fix it and bear the cost of the recall.

All of this is what's called secure by design.

And under Jen Easterly, this became a major priority at CISA.

You've seen out of CISA and out of the administration in the Biden administration very much a focus on, like, shifting the burden of security to those who can bear it, to the manufacturers of hardware and software that quite frankly need to do better with building in security by default into their hardware and software.

We can't keep expecting small to medium-sized critical infrastructure owners and operators who have limited bandwidth, limited resources to bear all the burden of securing their networks and infrastructure.

And we think that there's a lot more that industry can do in that space to really build in and bake in security from the beginning.

Secure by design is really focusing on technology vendors doing everything they can to prioritize security and product development.

So safer, more secure products so that the burden isn't placed on customers and the end users and the small businesses or even the big businesses to have to constantly patch vulnerabilities.

Secure by design is perhaps most urgent in one particular burgeoning field, AI.

Artificial intelligence is rapidly embedding itself in how we communicate, how we diagnose illness, in surveillance, and national defense.

It promises incredible advancements and efficiency, freeing us to focus on higher order tasks.

But behind the scenes, it's unleashed a Pandora's box of complexity.

And complexity is security's greatest enemy.

It allows for entirely new points of entry and an entirely new range of dependencies.

Many we don't and won't understand until someone exploits them.

Every time we engage Gen AI, we're not just asking a question.

We're handing over the keys to our private lives, our medical histories, our business secrets, even our unspoken thoughts.

I find the whole exercise to be a quiet, compounding surrender of trust.

And soon that trust will be granted to AI agents, not just to answer our questions, but to manage business operations on our behalf.

As a society, it appears we're determined to dive headfirst into AI without a second thought as to how this might one day be used against us.

On this, I want to play you an interview that Paul Tudor Jones, the hedge fund manager, recently gave to Andrew Ross Sorkin this May.

I went to this tech conference about two weeks ago out west, and I just want to share with you what I learned there.

There was a tech panel that had four of the leading modelers of the AI models that we're all using today.

The quick three takeaways from that are, one, wow, AI can be such a force for good.

And we're going to see it immediately in both health and education very quickly.

That's the good news.

Two, the neutral news.

These models are increasing in their efficiency and performance.

And then thirdly, and the one that disturbed me the most, is that AI clearly poses an imminent security threat, imminent in our lifetimes to humanity.

And kind of about halfway through, someone asked them on AI security, well, what are you doing on AI security?

And they said, the competitive dynamic is so intense among the companies, and then geopolitically between Russia and China, that there's no agency, no ability to stop and say, maybe we should think about what actually we're creating and building here.

And then he went on to say, I think it's going to take an accident where 50 to 100 million people die to make the world take the threat of this really seriously.

Well, that was a freaky deak to me, and no one pushed back on him on that panel.

What he just told you is that behind closed doors, the leaders of every major AI model are deeply afraid that the very systems they're building could one day be used to kill off millions.

Not necessarily because AI becomes sentient and suddenly takes over everything, but because it could be used to automate what we have discussed here.

It could be used to do what hackers currently are doing manually, hacking into our critical systems like food and water at scale.

And yet, no one is hitting pause.

Why?

Because the AI arms race, especially with China and very recently with DeepSeek, is so intense that there is simply no incentive at the national or industry level to pause and do what is necessary to mitigate against these harms in the build.

Trump already gutted Biden's AI executive order, which, among other things, required AI developers to test for potential harms before they release these tools into millions of hands.

And buried in Trump's new big, beautiful bill, the one that just passed the House, lawmakers snuck in a clause that explicitly bans state or local governments from regulating AI on critical systems, like our elections, for 10 years.

We don't even know what offensive AI is going to look like a year from now, let alone a decade.

And we're tying our own hands behind our back.

And that, that is truly terrifying.

Because AI is still very much an infant.

And like a child's earliest years, these first stages are formative.

We have a critical but narrow window to get this right.

But that window closes a little faster every day.

AI is already outpacing Moore's Law.

We're in the midst of a full-blown paradigm shift.

The question now is, will we repeat the mistakes of our past or will we do what is necessary to get this right?

The emergence last January of a little-known Chinese AI startup called DeepSeek may be an early stress test.

There is a new model that has all of the valley buzzing.

And it does not come from OpenAI or Meta or Google or any of those names.

It's called DeepSeek.

It took Google and OpenAI years and billions and billions of dollars to build the latest AI large language models, but now a Chinese research lab has built a competitive model in just two months with dumbed-down GPUs for less than, get this, six million dollars.

Not billion, six million dollars.

We've got a bit of a tech sell-off this morning and it's being caused by earth-shattering developments in the AI space.

And here's why.

There's a Chinese startup that has emerged as a real player in the AI arms race.

It's called DeepSeek.

And DeepSeek's AI model has developed technology that can actually be competitive with OpenAI and Google and xAI and all these more established players.

Investor Marc Andreessen calls the new Chinese AI a Sputnik moment.

Somebody else called it chat GPC.

When DeepSeek first dropped its AI model last January, it landed like an earthquake.

Not just for what it did, but for how it did it.

DeepSeek was able to accomplish much of what OpenAI and Google and Anthropic and Meta could do with their AI models at a fraction of the cost and computing power.

And then came the kicker.

DeepSeek released its model as quote-unquote open source.

And those quotation marks are very much intended.

Here's Igor Jablokov, an AI pioneer who sold the technology to Amazon that would later form the basis of Alexa and more recently serves as the founder and CEO of Pryon.

What does it mean that DeepSeek is quote-unquote open source?

Yeah, in some ways it allows experimentation to be built on top of it.

So meaning you can fine-tune models because you have open weights and things of that sort.

It's a little bit different from the way that most have viewed open source in the past, which means, think of it in a code context, where you can see all of the lines of code and then compile it for yourself so that you can go ahead and investigate in terms of what influences were put into the actual code.

The distinction between open source and what Igor refers to as open weight is a critical one.

With a truly open source approach like Wikipedia, you can click in and interrogate where all the information you're reading came from, down to who wrote the words and when.

You can see which sources they reference.

You can investigate those sources.

You can check the work, edit, and make improvements.

DeepSeek is not actually open source in that sense.

DeepSeek is open weight.

The pre-trained model weights are available for download and use, but the actual training data, the training code, are still a black box.

You can't replicate it.

You can only build on top of it.

Sticking with the Wikipedia analogy, it'd be like going to a page and reading the content, but the footnotes and author sections are blacked out.

You can add to it.

You can build on it, but you can't check the work.

So in some ways, I have to say the AI industry has been using the term open source rather loosely, because it's fooling people into thinking that you can actually rebuild and recompile this thing for yourself, which you can't, because you need the source training data.

And that's where a lot of risks could be induced in this style of model.

And therein lies the risk.

What is it not showing us?

We don't know if it has embedded agents or not from a supply chain perspective.

We just don't know.

So there's certain things it's not revealing to us.

So without knowing what's an ingredient, I mean, you're eating the final product.

And basically, at a cursory level, it's like taking delivery of an éclair and saying, I can't really affect the creation of the éclair or recreate it, but I can change the icing on it.

That's basically how you have to think about these things.

So you can build on top of it, but you can't completely understand what's inside.

And you can use it at a tiny fraction of the cost of OpenAI's GPT.

And we're talking cost savings of 96%.

In some sense, it's Huawei in a different form.

Its pricing and efficiency all but guarantee that without some intervention, these cheaper Chinese AI models will become the de facto backbone of the next generation of technology.

And that presents real risk.

Now, how much risk depends on how you use it.

Right.

It depends on how you're using it, whether it's a local model or through their iOS app or through the API.

So through the iOS app, I mean, that's literally, you know, it made it to the top of the app store.

All these folks are downloading it and potentially compromising client or employee data as a result, not knowing that it's going to a hosted service and potentially even through contact centers that are monitoring what's flowing through the system.

We don't know exactly how these risks will materialize, but DeepSeek is already seeing wide global adoption, predominantly in Asia.

But we're also starting to see it adopted here.

More than a thousand enterprises, including some in the Fortune 500, have integrated DeepSeek into their operations.

The bans are starting.

Italy moved quickly to ban it.

Taiwan and South Korea have banned DeepSeek from government and critical sectors like energy.

Canada and India banned it from government.

Here, we've banned it inside the Pentagon, the Navy, and other federal agencies like NASA.

States like Texas and Tennessee are implementing their own bans, and Microsoft has now banned it for its employees and from their app store.

No doubt others will follow suit.

But again, it's still early days.

We still have the ability to establish guardrails.

We can and should limit how much autonomy we give these tools, and we should start now.

But I also want to acknowledge that AI is more than a liability.

For many of the experts I spoke with, it's also a beacon of hope.

Here's Nate Fick, our inaugural cyber ambassador who served under Biden.

Is AI being used offensively?

Yes, undoubtedly.

I mean, I think it's intrinsic.

We have to recognize that these technologies are always going to be used to generate advantage.

But I'm even more excited actually about what AI can do on the defensive side.

I think about the years that I spent running a company that was doing its best to build safe and secure software and investing an enormous amount of time and energy and money in quality assurance.

And yet still, when you're talking about millions and millions of lines of code, it was buggy stuff.

And using AI to build better software, to create things that are more truly secure by design, I think is pretty exciting.

What Nate's saying is yes, AI is already being used to hunt for vulnerable systems, to generate zero days and break in.

But the same capabilities that can find flaws can also fix them.

All those bugs we introduced in our rush to move fast and break things, AI can do what our puny human minds seemingly cannot.

Build secure code from inception.

And theoretically, it could even be used to go back and refactor faulty code at scale.

All those sitting duck routers out there, the ones that reached end of life, the ones Chinese hackers are using right now to burrow into our infrastructure, AI could theoretically be used to hunt them, lock them down, and kick hackers out.

Not yet, but that application is not far off.

And maybe most exciting of all, right now, AI tools exist that can spot the tiniest blips, the faintest signal, like a Volt Typhoon hacker pinging a system every 90 days just to check they still have access.

AI could help slash those dwell times from years and months down to days, maybe even down to minutes and seconds.

Here's John Hultquist.

But I'll tell you what, we did a hackathon, a security AI hackathon, to see how some of the security engineers at Google could use AI.

And there are, I think there are 43 teams competing to just show us what cool thing you could do with AI for security.

Nicole, if you sat in that room and you were a VC, you could have walked away with 20 new companies.

Like, it is massively powerful for what security practitioners do, because it's really good at finding anomalies, finding efficiencies.

There's just a lot of really cool applications for what we do every day that are really, really exciting, and I actually think it's going to be ultimately a better tool for us than them, because what we're really lacking against them is efficient means to hunt them and essentially track them, and AI is really good at a lot of those pieces. And I was blown away. Like, I was shaking my boss's arm, like, I can't believe this. This is incredible. It's a really powerful tool. So I'm excited. I think it's going to be a game changer for defenders. You know, we talk about the defender's dilemma or the adversary advantage.

And let me tell you, like I'm a military history nerd.

There was a time when they said the same thing about the cavalry.

Dudes on horses would roll through a formation, and that was it.

There was the offensive advantage.

And then the machine gun came and the game changed like that.

It is completely possible that we could shift the game here.

And I'm hoping that this will do it.

But we're not there yet.

We're very much in the experimental phase of this whole thing.

So we'll see how a lot of this shakes out.

Exactly how we let this shake out could determine whether AI revolutionizes our cyber defense or undermines it.

In the early days of software creation and the internet, we never paused to imagine how all this digital connectivity could be used for information mayhem and mass destruction.

Now, we don't have to imagine.

And we have to keep in mind, we had no guardrails around the creation of software.

We just let it eat the world and give everybody food poisoning.

You know, that's why we have a world where the internet is full of malware, software is full of vulnerabilities, social media is full of disinformation, and we can't make that mistake with AI.

So those guardrails that we put in place are incredibly important for the safety and security of global citizens everywhere.

And here's where I believe it's time for us to stop admiring the problem and actually move towards solutions.

Because cybersecurity is national security, none of this will be easy.

Addressing our cyber vulnerability is complex, arguably too complex to enumerate in a podcast.

And if you really want my full thoughts here, I suggest you read the final 25-page chapter of my book, This Is How They Tell Me the World Ends.

Solving our digital predicament will involve hard compromises to our economy, to the way we do business, to our way of life.

It will involve identifying and defending our weakest links, the so-called target-rich, cyber-poor among us, the local water treatment facility that may not have the money or the people to meet this challenge today.

We've seen progress.

Think back to Nick Lawler in Littleton, Massachusetts.

His attack was detected and rooted out by the very same agency, CISA, that's undergoing massive cuts right now.

The worst thing we could do is go backwards.

We have levers to pull.

We have clear, established ways to shore up our security, our resilience.

Doing nothing is leading us down a dangerous path.

We can demand our government representatives do more to mandate and support basic security requirements.

And we can and should do this in a bipartisan way.

It doesn't have to mean red tape and fines.

We could offer tax credits to those that meet security standards and show that they're improving their attack surface over time.

We can and should mandate that the products we rely on are secure right out of the box and that our suppliers, whether they sell HR software or HVAC systems, meet these standards too.

And very soon, if not already, we can deploy AI to do what we humans are too lazy or too overwhelmed to do on our own.

We have new tools to pick up and isolate attacks in ways that simply weren't possible as recently as last year.

We should find ways to democratize the use of those tools.

Because at the end of the day, we exist in an ecosystem.

You could be a multi-billion dollar enterprise with all the security bells and whistles.

But what good is that going to do you when your municipal water supply goes dry?

Or worse?

We're all in this together.

And while it may feel impossible now, we can and should pursue new levers of diplomacy.

We have to climb our way out of this 25-year deterrence hole we're in with China.

Here's David Barboza at our live panel back in March.

If there are more tariffs on China, if Trump calls out China more, I think you'll see them double down on getting into U.S. infrastructure.

You can guarantee that they're going to be more aggressive.

If they see that as leverage, then this is what we need to do for the next negotiation.

And I think a lot of these things about Taiwan are also about giving them the leverage to say, if the U.S. in any way moves on Taiwan or changes the policy enough, just letting you know we're in everything.

We want you to know that.

We want to show that.

China is more powerful now.

They're probably going to show that they don't have to bend or bow as much or even negotiate in the same way.

And this environment is ripe for them to be a bit more aggressive.

So I think we should expect more from China.

In this period of rising tensions, we should absolutely expect more hacking, more IP theft, more targeting of critical infrastructure from China.

But this current approach to China, it's not the solution.

In many ways, it's too late.

Listen, we let China take some of our most valuable assets, our IP.

We looked away as companies went bankrupt, factories shut down, entire towns were hollowed out.

I believe that economic devastation helped sow the resentment that is shaping much of our current politics.

But what no one ever talks about is the hacking.

In an ideal world, my view is we would have exacted tariffs on China 15 years ago, stiff tariffs, or even outright bans on any Chinese product that relied on our own stolen IP.

And ideally, we would have done this together with our allies to make sure that these Chinese copycats didn't eat up our global market share and wipe out our companies and factories.

And then, and again, this is Nicole's ideal world here.

We would have all ratcheted up those tariffs and upped the pain each and every time we caught Chinese hackers rifling through our critical infrastructure.

Instead, we let them do all of this for free.

But what we're doing now, this impulsive trade war we're in, where we carve out exemptions for some but not others, implement one tariff rate one day, another the next, it's not deterrence.

Deterrence requires coherent policy and universal enforcement.

And we can't do it on our own.

We need allies in this fight.

And in case you've been living under a rock lately, we're losing our allies left and right.

Just this month, May, the Democracy Perception Index released a survey of 96 countries.

For the first time ever, the vast majority, nearly 80%, said they held a more favorable view of China than the United States.

And that, that might be the most glaring red warning light of all.

Because a country is more than its borders.

It's a story.

And once the world stops believing in the story of America, it's not just our alliances we lose.

It's our leverage, our legitimacy, and eventually, our ability to solve the problems that will define the next era.

These are the critical assignments of our time.

Many will say they're impossible, but we've summoned the best of our scientific community, government, industry, and everyday people to overcome existential challenges before.

There's no reason why we can't do it again.

So my plea to you is this.

Identify where you can put your own finger on the scale and press down.

It's all too easy to tune this out.

To think it couldn't be further from you.

That some cyber guy somewhere has it all taken care of.

But that couldn't be further from the truth.

Solving this takes all of us.

Even if your job couldn't feel further from the digital realm, even if you're thinking to yourself, but I'm just a pipeline operator.

I run a small-town power company.

Ready or not, you're on the new front line.

Welcome.

Welcome to the battle of our lifetime.

But if you think these issues are just an intelligence issue or a government problem or a nuisance largely just for big corporations who can largely take care of themselves, you could not be more wrong.

It's the people of the United States who are the victims.

To Catch a Thief is produced by Rubrik in partnership with Pod People, with special thanks to Julia Lee.

It was written and produced by me, Nicole Perlroth, and Rebecca Shasson.

Additional thanks to Hannah Pederson, Sam Gebauer, and Amy Michado.

Editing and sound design by Morgan Foose and Carter Wogan.