"I embedded with our security engineers and watched the hacker we affectionately came to call the PLA summer intern. Every day, they'd roll into our networks at 9 a.m. Shanghai time and roll out around 5. They'd phished us. And then they started moving laterally." -Nicole Perlroth, former lead cybersecurity and digital espionage reporter for The New York Times
By the early 2010s, China's state-sponsored hackers had their claws in America's crucial public and private tech infrastructure. Google had already publicized their own breach (which gave the Chinese access to the system the U.S. government used to lawfully intercept Gmail traffic), though the full extent of the infiltration wouldn't be known for years. And behind the scenes, other government agencies and private companies began to fall to Chinese hackers.
What began as China’s effort to track the activities of dissidents abroad had evolved into something more—a tool for industrial espionage, for promoting an aggressive foreign policy, and for controlling the image of Chinese leaders at home and abroad.
Check out the second episode of To Catch a Thief: China’s Rise to Cyber Supremacy and find out how these efforts eventually landed The New York Times in the crosshairs.
A Race Against Time at the New York Times
In 2012 New York Times reporter David Barboza was putting the finishing touches on a massive story: Wen Jiabao, the Premier of China, had for years been enriching himself and his family through a web of shell companies and his wife's connections to the diamond trade. The Chinese public had shown that it was willing to tolerate authoritarianism in exchange for an improved standard of living. But personal corruption on the part of a political leader could still trigger political upheaval.
At the same time, Times cybersecurity and digital espionage reporter Nicole Perlroth discovered something: Chinese hackers had breached the Times' IT network and were snooping around company servers and the laptops of individual reporters. Despite the misgivings of her bosses, Perlroth started work on her own story about the hack. But she couldn’t publish until the security team was sure the network was secure again.
These two stories began to converge as Chinese officials realized what Barboza was learning. Worries mount about the personal safety of the reporter and his family, and about sabotage in the weeks leading up to the 2012 U.S. presidential election. It's all part of how Xi Jinping, then in the process of taking power in the country, came to see Chinese cyberattackers as a tool in his effort to reverse a decade of liberalization—and to put the Chinese Communist Party in absolute control at home and on the offensive abroad.
To Catch A Thief
Over the next month Nicole Perlroth, bestselling author of This Is How They Tell Me the World Ends and former lead cybersecurity and digital espionage reporter for The New York Times, will take us on a tour of China’s sprawling hacking operations. This first of its kind, deeply reported audio documentary will unfold weekly through dozens of chilling conversations with industry and government cyber espionage experts.
To Catch a Thief charts the rise of China’s state-sponsored hackers, from their beginnings as “the most polite, mediocre hackers in cyberspace” to the “apex predator” that now haunts America’s most critical infrastructure.
The series features the experience and expertise of some of cybersecurity’s heaviest hitters: Jim Lewis, Mandiant’s Kevin Mandia, Crowdstrike founder Dmitri Alperovitch, Google’s Heather Adkins and many more.
Check out this nine-episode series (produced by Rubrik) on your favorite podcast platform.