The huge story nobody’s talking about


Ahhhh spying. The world’s second-oldest profession. It’s a bit like sniffing your own socks: nobody likes getting caught, but everyone does it.

And yet, something big has been happening lately, with US officials using increasingly spicy language to describe one of China’s hacks: the outgoing FBI director argues it’s “the most significant cyber espionage campaign in history”, and both Dems and Republicans largely agree, with one senator describing a classified briefing he attended as “breathtaking”.

So let’s get you up to speed. Who’s behind this hack? 

China’s various hacking groups seem linked to the Ministry of State Security, its main intelligence agency. The groups get their nicknames from Microsoft, which has a naming system that uses ‘Typhoon’ for espionage-focused groups from China, such as:

  • Silk Typhoon, which just hit the US Treasury, a key player in US sanctions, export controls, and the secretive ‘CFIUS’ body to scrutinise foreign investment
  • Volt Typhoon, which aims at disrupting US water, transport, energy, and other infrastructure in case of a war, to spook citizens and wobble any US response, and
  • Salt Typhoon, which targets digital infrastructure not just in the US but across the broader West and beyond.

So why’s everyone specifically worried about that last one, Salt Typhoon? It’s a mix of the group’s methods, targets, scale, and the resulting implications.

The methods look sophisticated, using a layered approach to exploit old equipment and lax practices to patiently gain access to key targets, which form the backbone of pretty much the entire US internet and communications networks.

Once inside, the hackers then exploit the trust between firms to expand to the next, achieving a massive scale: we’re talking about the ability to geolocate millions of Americans, listen to calls, read texts, and so on. And the implications of that are vast —

  • a) Lots of the priority targets appear to have been in the DC area, with possible insights into how the US is thinking about China and pretty much everything else
  • b) The hackers also potentially got the names of people under court-approved US surveillance, offering a valuable heads-up on who the US suspects as spies, and
  • c) Any good intel agency can also use that vast amount of broader hacked data to paint a detailed picture of who makes what US decisions, how, and what their vulnerabilities might be.

So why’s nobody talking about all this? Well they are — the WSJ first broke this story in September, and (with other outlets) has continued to fill out the picture. But this still isn’t dominating the public debate anywhere near as much as, say, the great spy balloon saga of 2023.

Why not? The details have emerged slowly, are hard to measure, and are often very technical, while the US elections have not only dominated public attention, but also complicated the US ability to respond during a transfer of power. Which brings us to…

What’s the US doing about this? 

It’s all spurred plenty of US activity in amongst the panic: DC is now banning the remaining US operations of China Telecom, mulling a ban on China’s TP-Link routers, and even pondering a mass ‘rip and replace’ operation to swap out every router in the country, building on more targeted efforts already underway.

Plus President Biden is reportedly finalising a cybersecurity executive order for his final days in office, while Trump 2.0 is hinting he might go more on the offence to raise the costs on China’s intelligence services, with hopes of deterring them from any repeats.

Anyway, it’s all shaping up as a costly exercise to bolster US resilience. But it’s also a timely reminder that the one thing costlier than cyber security is the very lack of it.

INTRIGUE’S TAKE

There are a few things we find fascinating about this story.

First, the brazen nature of this hack reflects changes in both China’s capability and its intent: more confidence in challenging US power, even as its own economy sputters.

Second, US security has long rested on a vast gap (technological, economic, military) with the rest of the world, but this latest hack highlights the pressures on that gap.

And third, it’s a reminder of how security works both ways: one of the vulnerabilities China exploited appears to have been the very system the US uses to wiretap suspected spies via back doors built into US tech and telco companies; and likewise, one of America’s own defensive responses seems to be the very same encrypted apps it’s previously criticised for providing security to spies, criminals, and terrorists.

All that to say… there’s no end destination in security. Rather, it’s a constant journey.

Also worth noting:

  • China’s foreign ministry has rejected the Salt Typhoon allegations, instead describing the US as “the biggest threat to global cybersecurity.”