
Ting Spills Tea: China's Cyber Crews Are Living Rent-Free in US Power Grids and Nobody's Kicking Them Out Yet
From Red Alert: China's Daily Cyber Moves by Inception Point Ai
June 8, 2026 · 4 min
About this episode
Ting discusses recent cyber activities by China-linked groups targeting US critical infrastructure.
This is your Red Alert: China's Daily Cyber Moves podcast. I’m Ting, and Red Alert: China’s Daily Cyber Moves is lit up again, so let’s jack straight into what’s hitting US networks right now. Over the past few days, US cyber defenders have been watching a steady drumbeat of activity from China-linked groups like Volt Typhoon, APT31, and APT41 focusing on critical infrastructure in places like Texas, California, and the Eastern seaboard. Microsoft and Mandiant have been flagging how Volt Typhoon keeps burrowing into routers and firewalls from brands like Cisco and Fortinet, living off the land with legit admin tools to stay ghosted inside power, water, and port networks. Timeline-wise, it kicked up over the weekend: first wave, broad scanning of utilities and telecoms, hitting exposed VPNs and unpatched edge devices. Then, late night, a second wave: password-spray attacks on government and defense contractors’ Microsoft 365 and Okta accounts. By dawn, several mid-size municipal networks in the US had to isolate segments because of suspicious PowerShell and WMI activity that looked exactly like prior Chinese tradecraft called out by CISA and the FBI. CISA’s recent emergency-style…
People in this episode
Host: Ting
Topics covered
- cybersecurity
- China cyber operations
- US critical infrastructure
- cyber threats
- APT groups
- network security
Keywords
- cyber attacks
- Volt Typhoon
- APT31
- APT41
- CISA
- FBI
- Microsoft 365
- Okta
- critical infrastructure
- network security
Mentioned in this episode
Organizations: Microsoft, Mandiant, CISA, FBI, NSA, Volt Typhoon, APT31, APT41
Products: Cisco, Fortinet, Microsoft 365, Okta
Places: Texas, California, Eastern seaboard
More episodes of Red Alert: China's Daily Cyber Moves
- Red Alert: Chinas Cyber Shopping Spree - Fake Jobs, FIFA Phishing, and Why Your World Cup Bet Could Cost You Clearance · June 12, 2026 · 3 min
- China's Spare Keys: Why Beijing Just Hid Backdoors in Your Power Grid and Stole Your AI Over the Weekend · June 10, 2026 · 4 min
- Microsoft's GitHub Dumpster Fire: When 73 Repos Catch Chinese Supply Chain Cooties and Your Monday Gets Worse · June 7, 2026 · 4 min
- China's Cyber Slowburn: HTTP Bombs, Human Spies, and the Art of Staying Invisible While Your SOC Drinks Cold Coffee · June 5, 2026 · 4 min
- Beijing's Cyber Tourists Shaking Every Digital Doorknob: Salt Typhoon Still Lurking in US Telecoms Since 2019 · June 3, 2026 · 5 min
- Midnight Phishing Party: China's Fake Microsoft App Just Stole Your Defense Contractor Credentials While You Slept · May 20, 2026 · 5 min
Explore listener stats, chart rankings, contacts and more on the Red Alert: China's Daily Cyber Moves podcast page.