Podcast Summary: "To Catch a Thief: China’s Rise to Cyber Supremacy"
Episode 7: "Everything Everywhere All At Once"
Release Date: April 28, 2025
Introduction
In Episode 7 of "To Catch a Thief: China’s Rise to Cyber Supremacy," host Nicole Perlroth delves into the intricate and pervasive nature of Chinese cyberattacks on American critical infrastructure. Titled "Everything Everywhere All At Once," this episode explores the evolution of Chinese state-sponsored hackers, their strategic infiltration of various sectors, and the broader implications for national security.
The Compromise of Littleton
The episode opens with a gripping account of Nick Lawlor, the general manager of a local utility in Littleton, Massachusetts. On a seemingly ordinary Friday, Lawlor receives a suspicious call purportedly from the FBI, alerting him that his company's network has been compromised by Volt Typhoon—a code name for Chinese state-sponsored hackers.
Nick Lawlor [02:05]: "I really did not believe that it was real. Didn't believe him... It was the first time I ever heard of Volt Typhoon."
Despite initial skepticism, Lawlor verifies the authenticity of the call, leading to a confrontation with FBI and Homeland Security agents. They reveal that Volt Typhoon had infiltrated not only Littleton's utility but also around 200 other critical entities nationwide over the past ten months.
The Rise of Volt Typhoon
Volt Typhoon represents a significant escalation in Chinese cyber capabilities. Unlike earlier, less sophisticated attacks, Volt Typhoon's approach is methodical and strategic, embedding itself deeply within critical infrastructure sectors such as energy, water, transportation, and communications.
Narrator [00:17]: "China is climate change."
This metaphor underscores the gradual yet pervasive infiltration by Chinese hackers, contrasting with the more aggressive and overt tactics historically associated with Russian cyberattacks.
Stuxnet and Its Legacy
Perlroth recounts the landmark Stuxnet attack, a joint US-Israeli cyber operation aimed at sabotaging Iran's nuclear program. Discovered in 2010, Stuxnet was unprecedented in its sophistication and specificity, targeting Iran's uranium centrifuges without causing immediate physical destruction.
Narrator [12:19]: "Stuxnet remains the most sophisticated cyber attack on record."
The episode highlights how Stuxnet set a new precedent for cyber warfare, demonstrating the potential for code to cause physical damage and disrupt national capabilities. Stuxnet's success also revealed the vulnerabilities inherent in interconnected systems, paving the way for future state-sponsored cyberattacks.
Chinese Cyber Strategy and Industrial Espionage
Following Stuxnet, Chinese cyber activities expanded beyond intellectual property theft to include sabotage and infrastructure disruption. The Telvent hack in 2012 serves as a pivotal example, where Chinese hackers infiltrated a Canadian IT company specializing in industrial automation. This breach granted them access to critical systems managing pipelines, water treatment, and power grids across North America.
Dale Peterson [10:17]: "It could do a couple things... it could change some of the source code, deliver bad code with a backdoor or something of that nature."
The Telvent incident exposed the strategic intent behind Chinese cyber operations: leveraging compromised systems as gateways to broader infrastructure networks, thereby increasing the potential for large-scale disruption.
Digital Silk Road and Huawei's Role
Simultaneously, China was advancing its global influence through the Belt and Road Initiative (BRI), which later expanded to include the Digital Silk Road. This initiative aimed to integrate developing nations into China's digital infrastructure, primarily through Chinese technology companies like Huawei and ZTE.
Nicole Perlroth [31:05]: "The Digital Silk Road was to help usher developing nations into the Internet Age... it also guaranteed the PRC a permanent footing in the world's digital backbone."
Huawei emerged as a central player, offering cost-effective telecommunications equipment and 5G infrastructure. However, concerns arose regarding Huawei's potential to embed backdoors into global networks, allowing for covert data access and control.
Nicole Perlroth [35:38]: "In 2017, China passed a suite of intelligence laws requiring any organization... to support, assist and cooperate with state intelligence work."
Despite official denials from Huawei, US officials and intelligence sources expressed skepticism about the company's commitment to security, highlighting the inherent risks of integrating Chinese technology into critical infrastructure.
Current Threats and Future Implications
By 2020, the infiltration by Volt Typhoon had intensified, with Chinese hackers securing access to a wide array of American infrastructure sectors. These attacks were characterized by their stealthy nature—eschewing malware for persistent, low-and-slow techniques that allowed continuous access without detection.
Narrator [44:19]: "All of a sudden we see Chinese threat groups since about late 2020... What are they there for?"
The episode underscores the looming threat of a potential "cyber Pearl Harbor," where synchronized cyberattacks could cause widespread physical destruction and societal chaos. Former Defense Secretary Leon Panetta's 2013 warnings are revisited, emphasizing the accuracy of his predictions about the vulnerabilities of US infrastructure.
Conclusion
"Everything Everywhere All At Once" paints a comprehensive and alarming picture of China's systemic approach to achieving cyber supremacy. Through strategic infiltration, industrial espionage, and the leveraging of global initiatives like the Digital Silk Road, Chinese state-sponsored hackers pose a multifaceted threat to American national security. The episode serves as a stark reminder of the critical need for enhanced cybersecurity measures and proactive defense strategies to safeguard vital infrastructure against evolving cyber threats.
Nicole Perlroth [45:00]: "They're here, lying quiet. The only question now is, what's the trigger? And what happens when they pull it."
Notable Quotes
- Nick Lawlor [02:10]: "He kept on saying he needed to get on our personal email so that way the threat actors couldn't detect his presence."
- Nicole Perlroth [00:45]: "Imagine you're the general manager for a local utility... and then one Friday afternoon, you get a call. It's the FBI."
- Dale Peterson [21:10]: "The hack got into their network in such a way that it could do a couple things... it could change some of the source code, deliver bad code with a backdoor or something of that nature."
- Narrator [24:14]: "The collective result of these kinds of attacks could be a cyber Pearl Harbor, an attack that would cause physical destruction and the loss of life."
Final Thoughts
Episode 7 of "To Catch a Thief" meticulously unravels the complexities of Chinese cyber operations, emphasizing their deep-rooted presence across multiple facets of American infrastructure. Through firsthand accounts and expert analyses, the episode illustrates the urgent need for robust cybersecurity frameworks to counteract and mitigate the pervasive threats posed by state-sponsored cyber adversaries.
