
Loading summary
News Anchor
Google is threatening to pull out of China over computer attacks that pried into the email accounts of human rights activists. Google also says it will stop censoring its search results in China. The government bans politically and socially sensitive content. The change of heart had people leaving flowers at Google's Beijing headquarters. And President Obama says he backs the right of Internet freedom in China. Another sign of support, bouquets of flowers appeared outside Google's headquarters in Beijing. China's government has refused to comment specifically on the issue other than to say it wants to foster a healthy Internet community according to their laws and regulations. Google the search engine making some major changes in China. Google may pull out of the country.
Nicole Perlroth
Completely because of China's censorship rules.
News Anchor
The announcement triggering an outpouring of concern from Internet users in China. Supporters even placing flowers and notes at the company's locations in China.
Nicole Perlroth
On It's January of 2010, Google has just come forward. They publish a blog post announcing they've quote detected a highly sophisticated and targeted attack on our corporate infrastructure originating from China. The uproar is immediate. But rather than trigger an avalanche of disclosures, things went the other way.
Felicia Taylor
China is slamming Google for pulling out of the communist country. Google's moving operations to Hong Kong in a battle against Chinese censorship. China called Google's move to Hong Kong totally wrong. Says the search engine broke promises to play by the government's rules.
News Anchor
Most of Google's China based web search functions have moved to Hong Kong. This step has opened a new phase in the two month long battle over censorship that's pitted the world's most powerful Internet company against a government that tightly restricts the flow of information in the planet's most populous market. Google vs China in a censorship fight. The Internet giant makes a move and starts to pull out of China. Felicia Taylor in New York with the details. So Felicia, so does Google's Chinese website still exist? Yeah, absolutely Kira. It does still exist, but it actually only redirects users to its site in Hong Kong which is uncensored. Microsoft and Yahoo continue to chip away ever so slightly at Google's huge search market dominance. And of course Baidu might really be the only game in town in China if Google really does eventually pull out.
Nicole Perlroth
Google pulled its search engine from China, handing billions in revenue to Google's main Chinese competitor Baidu. The result was a profound chilling effect. The lesson other Chinese hacking victims took from this was keep quiet, don't offend the gatekeepers to the world's largest market. It would be years before another company came forward. Google's is the breach that just gets worse the more you learn this wasn't just some Chinese hackers gone rogue. Months after Google went public, WikiLeaks dumped a US embassy cable that described just how high up the chain of command this went. Google's hack had been orchestrated by a senior member of China's politburotthe equivalent of a US Cabinet member. Apparently he Googled himself, found the results to be unacceptably unflattering, and ordered a hit on the company. According to this cable, quote, government operatives, public security experts and Internet outlaws recruited by the Chinese government took it from there.
News Anchor
WikiLeaks has released new State Department cables that point the finger at the Chinese government for a series of cybercrimes. The messages show US Contacts accused Chinese officials of ordering hacking against Google, while diplomatic cables released by WikiLeaks opened a window into a controversial censorship battle in China. According to the cables, China has been hacking into US Government and Google computers for nearly a decade. And the hacking of Google has allegedly been overseen by top officials in the Chinese government.
Nicole Perlroth
But there's still one element of the breach that Google and US officials were cagey about. Still are. And it wouldn't surface for years after the attack. Three years after Google outed its own breach, Microsoft offered a starkly different postmortem. Google's hackers hadn't just gotten access to Chinese activists and dissidents Gmails, they'd gotten access to a counterintelligence goldmine. I'm Nicole Prolorath and this is To Catch a Thief. You may recall that last episode, Heather Atkins, who ran point on Google's breach, mentioned that governments have front door kinds of ways to access its users Gmail accounts. If they've got evidence that a Gmail user is engaged in a crime or some kind of national security threat, say they have reason to believe a Gmail user is actually a Chinese spy. They'll serve Google with court orders demanding it give the government access to their Gmail account. Well, according to Microsoft, the Aurora hackers got access to the very system the US Government used to lawfully intercept Gmail accounts. This is important and it will come up again when we get to a very recent Chinese espionage campaign. But for now, what you need to know is China has a keen interest in knowing who the US Government is targeting with these lawful intercept requests. They'd especially want to know if any Chinese agents covers had been blown. And they could get that intelligence one of three ways. Option one, they could recruit an informant at the FBI or a US Intelligence Agency. Difficult, but not impossible. Option two, they could hack these agencies. Equally difficult, perhaps. Or option three, they could hack into Google and watch the watchers. And that, according to Microsoft, is precisely what Aurora's hackers did. None of this was mentioned in Google's blog post, by the way, and Google's leaders have never spoken publicly about it. Still, the fact Google went public at all was momentous. But in the silence that followed, the hacks only escalated. That group behind Google's hack would go on to breach thousands more victims. But sometimes these breaches were too big or too serious to keep quiet. One year after Google, the very same hackers came for the security world's keys to the kingdom. They hacked a company called RSA and stole the keys to their core security product, RSA's Multi Factor Authentication devices, the ones used by millions of employees at companies all over the world to log into their corporate networks.
News Anchor
And so it's kind of like they broke into the locksmith's office first, got the skeleton key, and then broke into this company hq.
Nicole Perlroth
How did they do that?
News Anchor
It's unclear. Neither RSA is giving a lot of details about how it got hacked, nor is Lockheed talking a lot. But there's a lot of talk of what's called advanced, advanced persistent threat.
Nicole Perlroth
With RSA's keys in hand, China's hackers were able to leapfrog from RSA into its customer networks at high value targets like Lockheed Martin. That same group, they're still hacking today, by the way. In 2023, they came for Microsoft using a similar MO they leapt from Microsoft into its customers email accounts. But this time it wasn't dissidents emails they were after. It was the emails of senior officials, including the US Ambassador to China, Nick Burns, and Commerce Secretary Gina Raimondo. They downloaded 60,000 emails from the State Department alone. All told, they read through emails belonging to more than 500 people at 22 different organizations, all through this one hack of Microsoft. But back to 2010, aside from Google, few victims ever stepped forward. Hacking was treated as a crime of shame. As a reporter at the New York Times, trying to get these companies to go on the record was a fool's errand. Nobody would talk. That is, until they came for us. In the fall of 2012, I got a tip that there were hackers inside the Times, outside of our security team. Almost no one at the paper was aware of the hack. I was told tell no one. Our security team had made the oh shit call. They brought in Mandiant. Their analysts traced the malware Back to a familiar foe. A group mandiant internally called APT1. It was a particularly brazen unit of the Chinese military based in Shanghai called unit 61398. Our immediate concern was sabotage. This was just two months ahead of the 2012 presidential elections. Our security team was worried this might be an attempt to mess with our coverage. I embedded with our security engineers and watched the hacker we affectionately came to call the PLA Summer Internet. Every day they'd roll into our networks at 9am Shanghai time and roll out around 5. They'd phished us and then they started moving laterally, making their way through 53 of my colleagues computers. Out of an abundance of caution, our IT team confiscated every one of those machines. Confused colleagues would show up to work and find post IT notes where their computers had once been. These notes just said we have your computer. Signed it without further explanation. Tracking these hackers I got a sense for Heather's paranoia. There were some nights I'd return home to my empty apartment and wonder if these Chinese hackers had followed me home. When my cable box started making strange sounds, I convinced myself hackers were inside. But based on hackers queries and other digital crumbs, these hackers weren't there for me and they weren't there to shut us down. At least not yet. They were after our sources. And the sources for one reporter in particular, Right?
David Barboza
Right. So David Barboza, and I'm a former New York Times correspondent.
Nicole Perlroth
The very same month I got the first tip about the Chinese hackers in our systems, David had been putting the finishing touches on a massive years long investigation about the secret wealth of Chinese leaders and their families. Clearly the party was onto David's reporting and they were after his sources. But the irony was that his investigation wasn't based on a deep throat. It was based on reams of documents hiding in plain sight.
David Barboza
And so I actually wanted to do this story looking into the secret wealth of Chinese leaders for four or five years. But I didn't think I could get the documentation. But I had collected really in paper notes over years. Many dinner discussions, I would go back home and I would write some notes. I heard this about the Prime Minister's family. I heard this about another Politburo Standing committee member. I heard this about how they had this secret wealth through private companies and public companies. So eventually by 2011 I had talked to the editors and I said I'm going to try to figure out whether there are documents and evidence to prove what I've been hearing about year after year in private meetings with friends and with business people that there's this huge amount of secret wealth in their hands. I was a documents person. I had written about Enron and others. I love documents in corporate records. And I actually mapped out, like, everyone who had been on the Politburo or the Politburo Standing Committee for the last 20 years. And I ended up focusing on the prime minister at the time, Wen Jiabao, because I had so many notes about him. My friends had met his wife, who was called the Diamond Queen. I had heard about his son, who was in private equity and worked with, like, Goldman Sachs and others. And to be honest, I was hoping to find 2 to 3 million dollars worth of hidden money. I never imagined that we would end up with 2 to 3 billion dollars, and that was our conservative estimate.
Nicole Perlroth
David was able to trace the flow of funds through a maze of shell companies to Wen Jiaobao's relatives inside China. This was precisely the kind of story that puts a reporter, their family, and their research assistants in danger.
David Barboza
Any foreign correspondent, especially foreign American outfit, would know that when you're in China, you are followed. State security has assigned people to follow you to interview your research assistants, camp out sometimes in front of your building to see where you come and go, to take them to tea, to ask them, what is David reporting on? Where is he going? So the entire time I'm in China, I know I've been followed many times. Our car has been tracked from hotels. When I check into hotels in China, I give them my passport, which says I'm a journalist. And therefore the next morning, state security or public security is there and they might follow me for the day. They are very concerned with what you're writing about. And there's no concern greater than the personal lives or the families of the leaders. If you're going to be dealing with anything about leaders and their families, you're going to be really a top target of the Chinese government. We know not to make phone calls, not to meet people that give away what we're working on. I didn't even want my New York Times colleagues in Beijing to know what I was working on, because if they mention it to someone that they meet, then this is a really. I knew by 2011, but especially by 2012, my life is in danger. They could easily kick me out. But also, my wife is a Chinese citizen. This is a super sensitive topic. And I remember calling one of our lawyers and telling him about this story, and he said to me, your life is in danger. Before you publish that is gonna Be the most dangerous time for you before you publish this article.
Nicole Perlroth
As David was finalizing his reporting, the Chinese Communist Party was changing hands. In 2012, the party named named a new general secretary, Xi Jinping. Less than six months later, Xi would become president. Xi had fought his way through the party ranks with impeccable discretion. That meant no one could say for certain what type of leader he would be. But very soon, it became clear that Xi was determined to consolidate power. Xi was haunted by the collapse of the Soviet Union. He referenced it in speech after speech speech and blamed the collapse on Gorbachev's democratic reforms and political liberalization. For Xi, the lesson was this. For a party so large to stay in power, it would have to demand total obedience and control. Under Xi, the CCP started clamping down on foreign press. In speeches, party leaders took to calling Western reporters, quote, hostile foreign forces. Reporters started getting roughed up, even detained, for covering something as seemingly innocuous as a Chinese film festival. Human rights groups say that China's government is engaged in the worst crackdown on dissidents in decades. Activists, professors, and journalists have all been detained this year alone. Excuse me. You know you have no right to do this. So we're sitting here, they're surrounded by police. The protest was a peaceful protest, so it's unclear why, in fact, they rushed on us like this. Our own researchers in Beijing had been arrested before. Nearly a decade earlier, a Chinese Times researcher was arrested after the paper published a story about the imminent retirement of a senior party leader. The information hadn't even come from the researcher, but he was sentenced to three years in prison. Regardless, what David was now doing, reporting out the secret wealth of China's prime minister is as dangerous as it gets. China's whole regime is predicated on a kind of grand bargain. So long as Chinese citizens see their lives materially improving, they're willing to stomach a certain level of authoritarianism from their leaders. But corruption, that can throw a wrench in the whole arrangement. Corruption, or even just the appearance of it, was the thing China's leaders feared most, arguably even more than the five poisons. Corruption was the surest way to unravel the party's social contract with its people. And what David was reporting, not just corporate corruption, but corruption at the highest levels of Chinese governance. That was a powder keg. Precisely the kind of story that could so societal unrest, the kind of story the party would do anything to.
David Barboza
Barry, I know this is gonna be the most dangerous thing I do, that my wife and myself are somewhat at risk so my goal early on was no phone calling, very careful, like strategy of. Rather than calling up people and saying, can I talk to you about the Prime Minister's wife who's in the diamond business? My strategy was, I think I'm going to do a story about the diamond business and I'm going to ask people about the diamond business and then say, by the way, who is this woman? So how do you roundabout try to understand areas and then touch upon the thing without going directly for it. So I had a pretty complicated strategy going into it, but a key part of that was do not let people know what I'm doing. And if you looked through my reporting of 2012, I think I wrote 50 or 60 stories outside of this project just to sort of make people think I'm doing my regular job.
Nicole Perlroth
But over that same time period, David starts requesting documents from the Chinese government, documents about Wen's family members and their stakes in several private Chinese companies.
David Barboza
So imagine like we're getting a set of documents in, it's coming from the Chinese government, it's stamped, it's coming in the mail. We open it, it's in Chinese, and we're like, wow, in these documents, here's the name of the Prime Minister's wife, here's the name of the other relatives, here's their ID number, here is their resume. Is this a trick? Do they know that we're looking at this? In About May of 2012, we started to notice that maybe someone was on to what we were doing. And people started to question our driver, the New York Times driver for the Bureau in Shanghai, and some of my colleagues. And so In July of 2012, I said, @ the Times, we're quite nervous. We think they're on our trail. We don't know for sure, but they're asking questions. I think I should come back and finish the article. In New York.
Nicole Perlroth
David starts shoving sensitive documents in safes. He shreds any he doesn't need. Over the next few weeks and months, he carts suitcases chock full of documents from Shanghai to New York, then Tokyo, until he approaches something close to a final draft. I was going to ask what's going to happen at the airport if anyone opens this suitcase?
News Anchor
Yeah.
David Barboza
They would be like, wow, your Chinese is really good. Because it was all in a lot.
Nicole Perlroth
Of Chinese documents that September. Unbeknownst to David, the hacking begins. But his anxieties were elsewhere.
David Barboza
I just scrambled every day, thinking, if I get anything wrong, it's the end of my career. Believe it or not, the scariest thing for me about this story was not that the Chinese government was going to capture me or arrest me or kill me. The scariest thing was that the New York Times was going to capture me and kill me because I had gotten something wrong about it and that I would have no career. So I had both the excitement of this great story, but also the fear that a lot can go wrong when you're dealing with this many documents in a foreign language with so many moving parts.
Nicole Perlroth
Finally, David makes it to the home stretch. He starts making calls. He calls the family members of China's prime minister and their business associates to walk them through everything he has.
David Barboza
We started to call the people who were involved with the family of the prime minister and get them on the phone, which was so important to. You know, it's great to do something based on documents, but you always need someone who's been involved with those documents to say, what do they mean? Do they mean what I think they mean? Is this true? And believe it or not, they talked to me and they helped confirm some things.
Nicole Perlroth
Once those editors are confident the reporting's ironclad, they greenlight publication. But before the article goes live, David makes one final call to the powers that be.
David Barboza
The government was not happy, obviously, but we were going to publish.
Nicole Perlroth
What was the most memorable part of that final conversation?
David Barboza
The most memorable part was the editors told me we were going to publish that evening. It was late in Tokyo, was early in New York, and I recall calling Qin Gong, calling the foreign minister who was our window into China and the Chinese government. He'd already denounced me and the Times and said that we were damaging U S. China relations and we should not publish. And I told him that we were going to publish within hours. And I remember him telling me, no, you're not. And I thought, really, I think we are. And he kept saying, no, you're not. And. And I said, I think we are. It's not my decision. I think the editors are already decided they're going to publish. And I remember him saying, don't do it, David. Like, don't. You're not. Do not do this. And I kept saying to him, it's beyond my control. We have everything we need and we're going to publish. I remember them telling me, this would have grave implications for your wife who's Chinese, and for you in China, but also for the New York Times Chinese language site which they had just started. I might have been six months in operation.
Nicole Perlroth
At this point. Chinese hackers were deep inside the Times back in San Francisco. I'd been tracking them all for what I'd hoped would be a story detailing their assault on the paper. But my bosses were emphatic. I couldn't publish anything until we'd found and sealed up every last Chinese backdoor. And I was still under strict orders not to tell anyone what I was working on. They worried any internal chatter would tip off our Chinese interlopers. While I stayed in this holding pattern, David published his story on October 25, 2012. The CCP immediately blocked mainland access to the Times and shut down our news Chinese language site.
News Anchor
Now China has dismissed as a smear a New York Times report which claims that Premier Wen Jiaobao's family has become rich during his term in office. The newspaper says its website has been blocked in China following publication of the story.
Nicole Perlroth
It was only after David's story published that the two of us finally spoke. I'd assumed someone else at the Times had let him in on the fact that Chinese hackers were crawling through through his emails. Nope. I remember dialing you thinking, how am I going to do this? Because if they're inside his email, they're most certainly recording this phone call. So I remember calling you.
David Barboza
Yes.
Nicole Perlroth
And I remember saying, David, hi, this is Nicole Prularoth. We haven't met yet. I'm the cybersecurity reporter in San Francisco. I think you know why I'm calling. And do you remember what you said?
David Barboza
No.
Nicole Perlroth
You said, I have no idea why you're calling. No one had actually bothered to tell you or perhaps were too afraid to tell you over phone or email that Chinese state sponsored hackers were inside our computer systems, inside your inbox at that very moment, reading all of your emails and that they had been into our systems for several months.
David Barboza
I remember all through 2011, 2012, I had refused to use the New York Times, David Barbozytimes.com or whatever. Barbozytimes.com I was using Gmail because I thought it was better and safer, which really annoyed the editors. And I remember when we were finishing my article, they said, will you stop using, using this Gmail and put your stuff on the New York Times account? Which is exactly the account they hacked, right? So when they hacked into my account, they probably were like, why is this account so empty? Why isn't this guy. Where are his sources?
Nicole Perlroth
After David published, he got to work on a follow up story.
David Barboza
And I remember the editor saying, you cannot go back to China to pick up your things and pack until you publish the second article. And it was almost Comical to me that after we published the second article, the Times were like, okay, you can go back to Shanghai. Like, we have the articles. You can go back. Great work. And I went back, and I didn't realize it, but they had arranged for a New York Times reporter, Andy Jacobs, to cover my arrival back in China and possibly my arrest. And so as I touched down in Shanghai from Tokyo, the Times had the expectation I very well could be arrested at the airport. I went through customs. No one said anything. My driver showed up. I was going back home, and I got a call from Andy Jacobs saying, did you arrive? And I said, I arrived. He said, well, where are you? I said, I'm at Hongchao Airport. And he said, oh, I'm at Pudong Airport. He was at the wrong airport. So I thought, great, Andy. So if I was arrested, you were supposed to cover my arrest, but there's no one there at the airport when I was actually got off. But I went back to China. Strangely, I was able to renew my visa. I think the Chinese government basically did not want to make a rash, quick decision, and they let me renew, and then it became awkward to kick me out. New York Times reporters were not allowed to enter China after the story, but those in China were not kicked out. And for three more years, I continued to report. I did get lots of death threats. And at the end, you know, by 2015, Lynn and I, my wife, knew it is too dangerous. They're basically having people call us saying they're hitmen and they're gonna murder us and our children. So then it was clear, like, we have to leave.
Nicole Perlroth
Wow. But back to that fall of 2012, at the Times, it took four months to kick the PLA out of our systems. We knew we couldn't hit publish on my story until we'd kicked out our hackers for good. By January of 2013, we were ready to move forward, but some on the masthead were getting cold feet. With my story written, edited, and ready to go, I was summoned to a call. One editor asked, why exactly are we publishing this story again? Another worried what our competitors at the Wall Street Journal and the Washington Post would say. These questions went above my pay grade, but I told them, I don't think they're going to say very much because there is a very high likelihood that they've been breached too. I told them about the two types of companies. I explained that everyone was hiding these breaches, and they made the case that as a news organization, we had a unique obligation to come forward. That argument seemed to win the day and to the Times eternal credit, they decided to publish. After that, there was just one last call to make to China's government spokesmen. It was critical to give them a chance to respond. The party came back with a full throated denial, but they'd added a digit. To accuse the Chinese military of launching cyber attacks without solid proof is unprofessional and baseless. That one would come back to bite them later. We hit publish.
News Anchor
It's a story that's hit home. The New York Times reporting on a cyber attack on its own computers.
David Barboza
For the last four months, Chinese hackers.
News Anchor
Have persistently attacked computers here at the New York Times. The paper says the hackers stole reporters passwords and hunted for files on an investigation into the wealth amassed by the family of a top Chinese leader.
Nicole Perlroth
Almost immediately, those competitors we were worried about, they came forward too. The Washington Post.
News Anchor
The Washington Post said it first discovered it was the victim of a sophisticated cyber attack. Back in 2011.
Nicole Perlroth
The Wall Street Journal.
News Anchor
China being accused of hacking into two prominent US media companies. The Wall Street Journal.
David Barboza
And a day after, the New York Times addressed this issue as well. I suppose being, you know, accused of.
News Anchor
Being hacking into, it's like a badge of honor.
Nicole Perlroth
Suddenly it was like you weren't even a legitimate news organization if you hadn't been hacked by China. Here's Kevin Mandia.
Felicia Taylor
The New York Times going live really made the difference. Washington Post followed suit. Wall Street Journal, everybody, you know, kind of came out after that. And it became okay to say that you had been compromised by Chinese cyber espionage. But 2004 to 2011, it really was just sort of a thing that didn't get announced.
Nicole Perlroth
Once the New York Times came out, floodgates opened that two types of companies.
News Anchor
Refrain, those who've been hacked by the.
Nicole Perlroth
Chinese and those who don't yet know.
News Anchor
They'Ve been hacked by the Chinese.
Nicole Perlroth
It suddenly felt a lot more real. But China's surveillance apparatus, the one it honed on Uyghurs, the five poisons, the dissidents, journalists. It was only the means to achieving an end, control, obedience. That was only step one. What the party long sought was economic supremacy to move China from the world's manufacturing closet to an innovator in its own right, a superpower. To pull off that pivot that would require the crown jewels of capitalism, intellectual property. And lest we forget, Aurora went far beyond emails with Google.
Kevin Mandia
It was a simpler case that there were dissidents using Gmail activists, Tibetan activists and the like, and they wanted to get Access to their email inboxes potentially identify people in China that they could target. So very dire situation, obviously for those individuals, but not clear that there was sort of a broader national security or economic security issue. But as we started looking at, even within Aurora, the victimology of that group, yes, there were defense contractors and clear national security use case there, but there were also straightforward technology companies, there were manufacturing companies that were part of that victimology. And it was clear that there were no dissidents to target in those companies, that there was no state secrets, that it was just straightforward IP theft, intellectual.
Nicole Perlroth
Property theft, stealing research, trade secrets. Sit with that for a second. These aren't market competitors we're talking about. This is a world power, a nation state coming for private American companies. Because why spend decades and billions of dollars, dollars on your own R and D when you can just hack it? That's next on To Catch A Thief.
David Barboza
There were breaches against, I think, thousands of companies who had this, this valuable intellectual property that essentially went out the back door.
Felicia Taylor
I've done my 10,000 hours of, you know, forensics on these systems and it was alphabetical. I mean, I hate to say it, these guys were gaining access to machines and just going through the directory that started with A, then the directory that started with B. And they didn't take by file, they just took the whole directory. I used to call it the tank through the cornfield. You know, it was just mowing down files and taking as much as they could follow.
Nicole Perlroth
To Catch a Thief. To make sure you don't miss the next episode and if you like what you hear, rate and review the show. To Catch a Thief is produced by Rubric in partnership with Pod People, with special thanks to Julia Lee. It was written and produced by me, Nicole Perleroth and Rebecca Chasson. Additional thanks to Hannah Petterson, Sam Gabauer and Amy Machado. Editing and sound design by Morgan Foose and Carter Wogan.
To Catch a Thief: China’s Rise to Cyber Supremacy
Episode 2: Then They Came for Us
Release Date: March 17, 2025
Host: Nicole Perlroth
The episode opens with a compelling news report highlighting Google's decision to threaten pulling out of China due to cyberattacks targeting the email accounts of human rights activists. This move also entails Google ceasing to censor its search results in China, directly challenging the Chinese government’s stringent internet control measures.
Nicole Perlroth underscores the significance of this decision, linking it directly to China's censorship regulations.
The public's reaction is palpable, with supporters expressing their concern by leaving flowers and notes at Google's Beijing headquarters.
Nicole delves into the historical context of Google's cyber breach in January 2010, where Google publicly disclosed a sophisticated, state-sponsored attack originating from China.
This revelation triggered an immediate uproar, but rather than leading to a transparent disclosure of cyber threats, it resulted in increased caution among Chinese hacking victims.
Felicia Taylor provides additional context, explaining how Google's departure impacted the Chinese search market dominance.
Nicole reveals the depth of the breach, tracing it back to high-level Chinese government involvement, specifically a senior member of China’s Politburo.
The narrative progresses to the attack on RSA, a pivotal moment that demonstrated the escalation of Chinese cyber capabilities.
Nicole elaborates on the implications of this breach, highlighting how it enabled further infiltration into high-value targets like Lockheed Martin.
The conversation shifts to the ongoing threat posed by these sophisticated hackers, even extending to major corporations like Microsoft in 2023.
A significant portion of the episode focuses on the personal accounts of David Barboza, a former New York Times correspondent, detailing how Chinese hackers infiltrated the Times’ systems while he was investigating corruption among Chinese leaders.
David recounts his meticulous research into the secret wealth of Chinese officials, a story that made him a prime target for cyberattacks.
The hackers, identified as PLA Unit 61398, systematically infiltrated the Times’ network, targeting Barboza’s investigative work.
Barboza describes the intense pressure and danger he faced, both personally and professionally, as the Chinese government ramped up its efforts to suppress his reporting.
The turning point comes when Barboza publishes his groundbreaking story, revealing the extent of the Chinese cyberattacks not only on the New York Times but also on other major media outlets.
After the publication on October 25, 2012, the Chinese Communist Party (CCP) reacted swiftly by blocking access to the Times’ website in China and denouncing the report as a smear.
This disclosure prompted other major media organizations, including the Washington Post and Wall Street Journal, to acknowledge their own breaches, shattering the long-held silence on such cyber infiltrations.
Nicole highlights how this collective acknowledgment transformed the narrative, making Chinese cyber espionage a central issue in the media landscape.
The episode shifts focus to the broader motivations behind China’s cyber activities, moving beyond targeting dissidents to engaging in large-scale intellectual property (IP) theft aimed at achieving economic dominance.
Nicole emphasizes that these actions are not mere corporate espionage but are strategic moves by a nation-state to propel China from a manufacturing hub to a global innovator.
Felicia Taylor provides a vivid analogy to describe the systematic and indiscriminate nature of these cyberattacks.
Nicole Perlroth concludes the episode by setting the stage for future discussions, emphasizing the multifaceted nature of Chinese cyber threats—from political suppression to economic conquest through IP theft.
Listeners are encouraged to stay tuned for subsequent episodes that will delve deeper into the strategies and impacts of China’s cyber operations.
Nicole Perlroth [02:27]: "Google pulled its search engine from China, handing billions in revenue to Google's main Chinese competitor Baidu. The result was a profound chilling effect."
David Barboza [19:38]: "So imagine like we're getting a set of documents in, it's coming from the Chinese government... Is this a trick? Do they know that we're looking at this?"
Felicia Taylor [33:58]: "They were gaining access to machines and just going through the directory that started with A, then the directory that started with B."
Evolution of Chinese Cyber Threats: From targeting dissidents and human rights activists to large-scale intellectual property theft aimed at economic supremacy.
Impact on Major Corporations and Media: High-profile breaches of Google, RSA, Microsoft, the New York Times, Washington Post, and Wall Street Journal underscore the pervasive nature of the threat.
State-Sponsored Operations: The involvement of senior Chinese government officials and military units highlights the strategic and state-directed nature of these cyberattacks.
Industry-Wide Silence and Transformation: Initially, companies remained silent about breaches, but collective acknowledgment by major media outlets marked a shift in transparency and awareness.
Personal Risks for Journalists: Investigative reporting into Chinese corruption carries significant personal and professional risks, as exemplified by David Barboza’s experiences.
To Catch a Thief offers a gripping exploration of China’s strategic ascent in the cyber realm, detailing the sophisticated and state-sponsored nature of its cyber operations. Through personal narratives, expert insights, and detailed accounts of major cyber incidents, the podcast paints a comprehensive picture of the modern cyber battleground.
If you found this summary insightful, please make sure to listen to the full episode for an in-depth understanding. Don’t forget to rate and review the show to support future episodes.