Summary of Podcast Episode 8: "Living Off The Land"
To Catch a Thief: China’s Rise to Cyber Supremacy
Host: Nicole Perlroth
Produced by: Rubrik in partnership with Pod People
Release Date: May 5, 2025
Introduction to "Living Off The Land"
In the eighth episode of To Catch a Thief, host Nicole Perlroth delves into the sophisticated cyber strategies employed by China to infiltrate and dominate American critical infrastructure. The term "living off the land" refers to Chinese hackers' method of stealthily embedding themselves within U.S. networks without deploying malicious code, making detection exceedingly difficult.
Nicole Perlroth (00:01): "These hacks are far from harmless. They're sleeper cells waiting for marching orders."
Kevin Mandia, a cybersecurity expert, explains the subtlety of these intrusions:
Kevin Mandia (00:32): "There's no malicious code, there's no backdoor. They've got good operational security."
Compromised Home Routers as Conduits
The podcast highlights a critical vulnerability: compromised home routers. Chinese threat groups like Volt Typhoon exploit these devices to gain unfettered access to essential infrastructure such as power grids, water supply systems, and transportation networks.
John Hultquist (05:51): "They're running out of SOHO routers. Your home office, your small office router, they are literally going out."
Nicole Perlroth underscores the ease with which these routers are compromised, often through default passwords or unpatched vulnerabilities.
The Role of TP-Link in Cyber Attacks
A significant focus is placed on TP-Link, a dominant player in the U.S. router market. Initially a Chinese company, TP-Link split its operations in 2023, establishing a U.S.-based branch. Despite this, cybersecurity officials remain skeptical about the company's allegiance and security integrity.
Rob Joyce (13:52): "TP-Link is selling their routers at a loss to flood the US market, building a PRC platform."
Bloomberg's investigation revealed that only a minuscule portion of TP-Link's components are manufactured outside China, casting doubt on the company's claims of independence.
Nicole Perlroth (15:06): "Microsoft determined it was comprised of 8,000 compromised devices, the vast majority of them TP-Link."
Challenges in Detection and Monitoring
Detecting these sophisticated intrusions is exceptionally challenging. Since the compromised routers operate covertly, often lying dormant for extended periods, traditional monitoring methods fail to identify their presence.
Kevin Mandia (18:03): "They look like they're part of your network. And that's really hard to investigate."
The lack of robust logging and security features in many routers exacerbates the issue, leaving critical infrastructure "flying blind."
Government Response and Realizations
The episode transitions to the U.S. government's growing awareness of the scale and severity of the cyber threat posed by Chinese hackers. Andrew Scott, Associate Director for China Operations at the Cybersecurity and Infrastructure Security Agency (CISA), provides an insider perspective on the government's response.
Andrew Scott (21:25): "We've verified that the PRC's compromised various pieces of critical infrastructure."
He emphasizes the strategic nature of these cyber infiltrations, which go beyond intellectual property theft to encompass extensive reconnaissance and pre-positioning within vital sectors.
Testimonies from Officials
High-ranking officials, including former FBI Director Chris Wray and General Paul Nakasone, testify before Congress about the dire implications of these cyber threats.
Jim Lewis (29:44): "China's hackers are positioning on American infrastructure in preparation to wreak havoc and cause real-world harm."
Rob Joyce underscores the exponential threat posed by companies like TP-Link, which serve as potential gateways for large-scale cyberattacks.
Rob Joyce (15:06): "China's push into the US isn't just smart business, it's strategic."
Potential Consequences of Cyber Conflict
The conversation shifts to the potential real-world impacts of a full-scale cyber conflict between the U.S. and China. Experts express uncertainty about the extent of disruption, highlighting the interconnectedness of modern infrastructure systems.
Kevin Mandia (33:07): "Nobody really knows if the gloves came off in cyberspace between China and the U.S. what would really happen."
The fear is that simultaneous disruptions across multiple sectors could lead to unprecedented chaos and endanger lives.
Conclusion and Future Implications
Nicole Perlroth concludes the episode by reflecting on the precarious balance between preparedness and vulnerability. While Chinese hackers have meticulously prepared the battlefield by embedding themselves deeply within U.S. infrastructure, the question remains: is America prepared to defend against such pervasive threats?
Nicole Perlroth (34:06): "All we know for certain is they've prepared the battlefield. But have we?"
The episode serves as a stark reminder of the invisible but potent cyber threats lurking within everyday technology, urging listeners to recognize the gravity of the situation and the urgent need for enhanced cybersecurity measures.
Notable Quotes
- Kevin Mandia (00:32): "There's no malicious code, there's no backdoor. They've got good operational security."
- Rob Joyce (13:52): "TP-Link is selling their routers at a loss to flood the US market, building a PRC platform."
- Jim Lewis (29:44): "China's hackers are positioning on American infrastructure in preparation to wreak havoc and cause real-world harm."
Final Thoughts
Episode 8, "Living Off The Land," offers a comprehensive exploration of China's advanced cyber strategies aimed at undermining U.S. infrastructure. Through expert interviews and insider accounts, the podcast paints a vivid picture of a looming cyber crisis, emphasizing the need for heightened awareness and proactive defense mechanisms.
Produced by: Rubrik | Nicole Perlroth | Pod People
Written and Produced by: Nicole Perlroth and Rebecca Chasson
Special Thanks to: Julia Lee, Hannah Petterson, Sam Debauer, and Amy Machado
Editing and Sound Design by: Morgan Foose and Carter Wogan
