00;00;01;25 - 00;00;04;16
Speaker 1
Gemini. You there?
00;00;04;18 - 00;00;07;17
Speaker 2
Yes. I'm here.
00;00;07;19 - 00;00;20;04
Speaker 1
Can you tell me about something called a volt? Volt? Typhoon. I think it has to do with hacking.
00;00;20;07 - 00;00;33;22
Speaker 2
You might be thinking of Volt Typhoon. It's definitely not about boats or boats. It's actually a group of hackers believed to be tied to the Chinese government. They've been targeting critical infrastructure in the US and other countries.
00;00;33;24 - 00;00;38;00
Speaker 1
Yeah. Let's go into detail. There.
00;00;38;03 - 00;00;56;11
Speaker 2
All right. So Volt Typhoon is a group of hackers believed to be working for the Chinese government. They've been trying to break into all sorts of important computer systems in the US, like the power grid and water treatment plants. It's pretty serious stuff, since they could cause a lot of damage if they succeed.
00;00;56;13 - 00;01;01;15
Speaker 1
Okay, let's start with, what is happening?
00;01;01;20 - 00;01;03;17
Speaker 2
What's on your mind?
00;01;03;19 - 00;01;10;25
Speaker 1
Let's start with what is happening with Volt Typhoon in current events.
00;01;10;27 - 00;01;26;11
Speaker 2
All right. So Volt Typhoon is still a big deal, but there hasn't been a whole lot of press news lately. It's still an ongoing threat, and officials are keeping a close eye on things. They've even managed to disrupt some of their operations. But it's clear these hackers are persistent.
00;01;26;13 - 00;01;46;13
Speaker 1
Okay, they didn't really help and was super vague. Not to be rude. But let's go into 2000 words of detail. Their last attack.
00;01;46;16 - 00;02;06;15
Speaker 2
All right, so it's tough to pin down the absolute latest attack with Volt Typhoon since they're sneaky and try to stay under the radar. But we do know they've been targeting critical infrastructure in the US and other countries. Think of things like power grids, water treatment plants, and even transportation systems. We try to get into these networks, figure out how they work, and basically just hang out there without getting caught.
00;02;06;18 - 00;02;13;13
Speaker 2
It's like they're planning for something big, but no one knows exactly what.
00;02;13;16 - 00;02;32;21
Speaker 1
Well, I mean, I'm surprised it hasn't happened sooner. It makes sense that if you like, can pull a like it's like a any other ransom, you know, but it's with a utility.
00;02;32;23 - 00;02;53;22
Speaker 2
You're absolutely right. It's a little surprising it hasn't happened sooner. Given how valuable things like power and water are. It would be a nightmare scenario, basically holding an entire city hostage unless they pay up. The good news is, we haven't seen that yet with Volt Typhoon, but honestly, it's definitely something to keep an eye on.
00;02;53;24 - 00;03;12;11
Speaker 1
This is the first thing that comes to mind, in this I guess you would say genre. Criminality is, the Somali pirates that steal the oil tankers.
00;03;12;14 - 00;03;28;26
Speaker 2
You know, that's an interesting comparison. Both groups want to disrupt things for their own gain, and both have a willingness to cause a lot of problems. But it's also important to remember both. Typhoon is backed by a whole government. While Somali pirates were more of a loosely organized group.
00;03;28;28 - 00;03;40;03
Speaker 1
So is there speculation or is there hard proof of it being Chinese government backed?
00;03;40;05 - 00;03;58;28
Speaker 2
It's a mix of strong evidence and some educated guesses. There's no smoking gun tying Volt Typhoon directly to the Chinese government. But the evidence strongly points in that direction. The way they operate, the kind of targets they go after, it all lines up with other Chinese state sponsored hacking groups. Plus, there's the timing. This whole thing ramped up around the same time.
00;03;58;28 - 00;04;07;20
Speaker 2
Tensions between the US and China were rising. So it's not just speculation, but it's also not 100% confirmed.
00;04;07;23 - 00;04;44;12
Speaker 1
I mean, it makes sense for any kind of opposition that like, if you're in some kind of battle or standoff, that if the other side didn't have power or water and was already fighting amongst themselves about it, then that makes your job whatever you want to do a little easier, even if it's just to. So. So, unrest and chaos.
00;04;44;14 - 00;05;02;01
Speaker 2
Absolutely. Disrupting basic services like power and water creates all sorts of problems for regular people. And that kind of chaos makes it easier for bad actors to slip in and cause even more trouble. It's a nasty tactic, but unfortunately it's one that's been used throughout history.
00;05;02;03 - 00;05;11;22
Speaker 1
Of groups. Hacker groups like this is Volt Typhoon, one of the more prevalent prevalent recently?
00;05;11;24 - 00;05;27;28
Speaker 2
Yeah. Volt typhoons. Definitely one of the more active groups lately. They're persistent and they're focused on some really critical stuff. There are other groups out there, but these guys seem to have a lot of resources behind them.
00;05;28;01 - 00;05;35;04
Speaker 1
Is the U.S. doing similar things that, to, and I mean, I'm sure that.
00;05;35;05 - 00;05;51;01
Speaker 2
That's a tough question with a complicated answer for you. All right. So I can't really say for sure if the US is doing similar things. It's a tricky area, and there's not always a lot of clear information, but it's definitely something to keep in mind.
00;05;51;04 - 00;05;58;00
Speaker 1
I'm sure that cyberwarfare definitely goes both ways.
00;05;58;02 - 00;06;09;14
Speaker 2
Absolutely. It's pretty much accepted that most major countries have some kind of cyber warfare program these days. It's become a whole other battleground for international politics.
00;06;09;16 - 00;06;26;29
Speaker 1
Okay, let's, get off a tangent and really kind of dig deep into this Volt Typhoon stuff. What is some of their earliest known hacks?
00;06;27;01 - 00;06;47;29
Speaker 2
All right, so it's tough to pinpoint volt typhoons early attacks for a couple of reasons. First, they're really good at covering their tracks. Second, it likely took them a while to get fully established and ramp up their operations. But we do know that they've been active since at least mid 2021. And some experts think they might started even earlier.
00;06;48;01 - 00;06;51;21
Speaker 1
So this is pretty new.
00;06;51;24 - 00;07;01;24
Speaker 2
Yeah, it's definitely tricky to nail down exactly when they started. These groups are really good at being quiet while they set things up.
00;07;01;26 - 00;07;24;04
Speaker 1
Yeah. Are there really any specifics on any specific hacks that you can give me? Can you give me one specific hack that is, hey, we can point. This is probably Volt Typhoon, and this is why we know they exist.
00;07;24;06 - 00;07;43;12
Speaker 2
All right. So there was a big hack of a Florida water treatment facility in February 2021. They didn't actually cause any major damage, but experts believe Volt Typhoon was behind it. They basically just messed with some of the plant settings. It's a good example of them testing the waters, seeing what they could get away with.
00;07;43;14 - 00;07;48;08
Speaker 1
So they're kind of, getting into the thing.
00;07;48;12 - 00;08;06;22
Speaker 2
That's kind of like them testing the waters clean. All right. So I can't really give you super specific details about ongoing investigations, but what I can tell you is that officials are taking this volt typhoon threat seriously. They're working hard to shore up defenses and critical infrastructure, and they're also trying to learn as much.
00;08;06;28 - 00;08;07;23
Speaker 1
I'm interrupting.
00;08;07;23 - 00;08;10;16
Speaker 2
Hackers operate. It's slow going, but they're making.
00;08;10;18 - 00;08;13;25
Speaker 1
I'm interrupting. How can I?
00;08;13;25 - 00;08;15;11
Speaker 2
No worries. What's on your mind?
00;08;15;12 - 00;08;17;23
Speaker 1
How can I easily. You were.
00;08;17;23 - 00;08;19;15
Speaker 2
Saying.
00;08;19;18 - 00;08;32;11
Speaker 1
These? How can I easily get you to pause your speaking in audio cue form?
00;08;32;13 - 00;08;42;03
Speaker 2
So when we're live, I can't pause what I'm saying. But you can always ask me to stop, and then we can pick up later. Is there anything specific you'd like to talk about?
00;08;42;06 - 00;08;46;14
Speaker 1
I've tried that, but it generally doesn't work.
00;08;46;16 - 00;08;54;09
Speaker 2
And that's strange. Usually stopping me is as simple as saying stop or wait, stop. You try giving that another shot.
00;08;54;12 - 00;09;02;18
Speaker 1
Hey, Google, say tell me a story that's 200 words, roughly.
00;09;02;21 - 00;09;06;26
Speaker 2
All right, here's a story idea set in 2004. It's about a small town girl.
00;09;06;26 - 00;09;07;08
Speaker 1
Gemini.
00;09;07;08 - 00;09;16;12
Speaker 2
Star, who's obsessed with the new. Yep. You can stop me any time. Just say stop or wait, and I'll pause.
00;09;16;14 - 00;09;24;06
Speaker 1
Okay, let's try it out. Tell me something. Say six sentences.
00;09;24;08 - 00;09;29;25
Speaker 2
Here's a basic sentence. The quick brown fox jumps over the lazy dog.
00;09;29;27 - 00;09;35;01
Speaker 1
Say that four times, please.
00;09;35;04 - 00;09;48;09
Speaker 2
The quick brown fox jumps over the lazy dog. The quick star fox jumps over the lazy dog. The quick brown dog jumps over the lazy dog. The quick brown fox jumps over the lazy dog.
00;09;48;11 - 00;10;06;05
Speaker 1
Let's go more into, specific hacks. I want you to give me 2000 words on the top three hacks that we think is typhoon.
00;10;06;07 - 00;10;23;28
Speaker 2
All right, let's dig into those typhoon hacks. It's tough to say for absolute certain which attacks they're behind. But here's three big incidents that raised a lot of suspicions. First, there was the Florida water treatment facility in February 2021. Like we talked about, they didn't cause any major damage, but it was a clear signal they were targeting critical infrastructure.
00;10;24;02 - 00;10;46;12
Speaker 2
It also showed they had the ability to hit industrial control systems, which run everything from water treatment plants to power grids. Second, there was a series of attacks on government agencies in the first half of 2021. These were more about espionage than causing direct damage. They were trying to steal sensitive information and generally snoop around. The SolarWinds hack was happening around the same time, so things were extra chaotic for everyone involved.
00;10;46;18 - 00;11;08;24
Speaker 2
Finally, in 2022, there were a bunch of ransomware attacks on U.S. businesses. These weren't the same as the more targeted stuff like typhoon usually does. But the FBI suspected they might be involved. They thought Bolt Typhoon could be working with other criminal groups, providing them with access, and maybe even a cut of the profits.
00;11;08;26 - 00;11;31;05
Speaker 1
Okay. I want you to go into detail, probably around 2000 words on your second answer of government agencies in 2021 was that they were doing with potentially another hacker group, or it was somebody else.
00;11;31;07 - 00;11;47;21
Speaker 2
All right. So let's dig deeper into those attacks on government agencies in 2021. It was a pretty wild time with a lot of big hacks going on. The SolarWinds hack was definitely the biggest and most disruptive. But there were a bunch of others happening right alongside it. It's hard to say for sure which one the Bolt Typhoon might have been involved in.
00;11;47;28 - 00;12;08;15
Speaker 2
But there were a few that raised some serious red flags. One of those was the Microsoft Exchange hack. Also in 2021. Now that one was a whole mess caused by Bolt in Microsoft's email software. Basically, hackers could exploit those vulnerabilities to break into exchange servers all over the world. It was a huge deal, and it hit a ton of organizations, including government agencies.
00;12;08;21 - 00;12;31;09
Speaker 2
The thing about the exchange hack is that it was way bigger than your typical targeted attack. It was more like spraying and praying. The hackers were casting a wide net, hoping to catch whatever they could. But that doesn't mean Bolt Typhoon wasn't involved somewhere in there. It's possible they took advantage of the chaos to slip in under the radar and hit specific targets they cared about.
00;12;31;12 - 00;12;47;18
Speaker 1
Okay, so you said there was something called a SolarWinds or a SolarWinds or something like that hack. That was a big part of those government agency hacks in 21.
00;12;47;21 - 00;13;05;20
Speaker 2
You're absolutely right. The SolarWinds hack was a massive deal, and it definitely complicated things for everyone trying to figure out what was going on with these government agency breaches in 2021. It was like this huge distraction. And while everyone was focused on that, it's possible other groups like Volt Python were slipping in through the back door.
00;13;05;22 - 00;13;11;29
Speaker 1
Say that company name again. Did you say solo lens?
00;13;12;01 - 00;13;19;04
Speaker 2
I said SolarWinds. Kind of a weird name. I know.
00;13;19;07 - 00;13;30;14
Speaker 1
Okay, I want you to give me 2000 words, roughly. Deep detail about the solo winds. Part of the hack.
00;13;30;17 - 00;13;49;06
Speaker 2
All right, so SolarWinds was a software company that made network management tools. Basically, their software was kind of like the central nervous system for a lot of big organizations. It monitored all sorts of network traffic, helped with troubleshooting, that kind of thing. The problem was the hackers figured out how to slip malicious code right into the SolarWinds software update.
00;13;49;09 - 00;14;10;15
Speaker 2
So when companies downloaded those updates, they were actually installing a backdoor right into their network. It was a brilliant move because it gave the hackers access to a ton of victims without having to break into each system individually. We're talking about government agencies, think tanks, critical infrastructure companies. It was a huge deal.
00;14;10;17 - 00;14;23;07
Speaker 1
Interesting. So they're accessing these government agencies and stuff like that that have this third party software.
00;14;23;09 - 00;14;39;12
Speaker 2
Yep. They targeted organizations that used their software. It was a supply chain attack, meaning they compromised the software itself, not the individual systems.
00;14;39;14 - 00;14;46;09
Speaker 1
Okay. I want you to give me another 2000 words, kind of just on that.
00;14;46;12 - 00;15;07;10
Speaker 2
All right. So the SolarWinds hack was a major wake up call for cybersecurity in general. It showed how vulnerable supply chains can be. You trust the software vendor to provide safe updates. And boom, they get hacked and suddenly your whole network is at risk. It also highlighted how easily these attacks can spread. Once the hackers got into SolarWinds, they had a pathway into hundreds, maybe even thousands of other organizations.
00;15;07;17 - 00;15;24;22
Speaker 2
There's also the question of who was behind the SolarWinds hack. Initially, suspicions fell on Russia, but nothing was ever officially confirmed. It's possible other groups, including Volt Typhoon, might've taken advantage of the chaos to slip in and cause their own damage.
00;15;24;24 - 00;16;02;29
Speaker 1
So these supply chain hacks, because you're not specifically targeting like the CIA or this or that. So not only are they probably less high security. You also seem to get a variety of organizations based on whoever their customer is. So you're not just getting like one little niche thing that you worked really hard for. You're kind of getting like a, a diverse sprinkle of all kinds of shit.
00;16;03;01 - 00;16;23;23
Speaker 2
You're absolutely right. Supply chain attacks can give hackers access to a ton of sensitive information and systems. And it's not just stuff you'd expect like government agencies. You can find all sorts of interesting targets like think tanks, research labs, even critical infrastructure companies.
00;16;23;25 - 00;16;34;15
Speaker 1
Is this how you see most utility companies get hacked, or is it a variety?
00;16;34;17 - 00;16;51;18
Speaker 2
So there's a couple of ways critical infrastructure gets hacked. Sometimes it's a direct attack, like someone trying to break into a specific power plant system. Other times, it's more like the SolarWinds hack, where they use a software update to get access to a bunch of different companies at once. A lot of the recent attacks on utilities have been the more direct approach.
00;16;51;25 - 00;17;01;00
Speaker 2
Hacker good for vulnerabilities in the company's own system. Or maybe they try to trick employees into giving up their passwords.
00;17;01;03 - 00;17;21;11
Speaker 1
Okay, so when I asked you to give me this three specific hacks earlier, you said that the third one was ransomware on businesses. Can you give me like two 3000 words deep detail on that.
00;17;21;13 - 00;17;42;25
Speaker 2
All right, so those ransomware attacks in 2022 were a whole other beast compared to the super targeted stuff Bolt typhoon usually pulls. These were more like traditional cybercriminal operations. But there's a strong suspicion that Bolt Typhoon might have been involved, at least behind the scenes. Here's why. First, the sheer number of attacks was unusual. It wasn't just a few random companies getting hit.
00;17;42;29 - 00;18;00;28
Speaker 2
There was a whole wave of ransomware hitting businesses across the US. And some of the targets were pretty interesting. The kind of places you'd think might be on Bolt Typhoons radar. Second, some of the ransom demands were super high. Way more than your typical cybercriminal gang would ask for. That suggested a bigger operation with more resources, which fits the Bolt Typhoon profile.
00;18;01;02 - 00;18;24;29
Speaker 2
But the clincher for a lot of experts was the way these attacks were carried out. There were some similarities to other bolt typhoon activity, the same kind of initial foothold, some of the same tools being used. It wasn't direct evidence, but it was enough to raise a lot of eyebrow.
00;18;25;01 - 00;18;51;05
Speaker 1
Okay. I can imagine by the name what ransomware is, but can you really define it for us? And maybe use a couple brief examples on anyone else who may be listening as to what really, a ransomware attack entails?
00;18;51;07 - 00;19;13;25
Speaker 2
Sure thing. So ransomware is basically like a digital kidnaping. Hackers break into your computer systems, encrypt all your files, and then demand you pay a ransom to get them back. If you don't pay up, they might even threaten to leak your data online. It's become a really big problem for businesses of all sizes. Think about hospitals. They get hit with ransomware and suddenly they can't access patient records or even medical equipment or schools getting hit.
00;19;14;03 - 00;19;22;21
Speaker 2
And the whole system is locked down, affecting students and teachers.
00;19;22;23 - 00;19;26;18
Speaker 1
Yeah, that makes sense.
00;19;26;20 - 00;19;49;16
Speaker 2
All right, so I can't get into super specific details about ongoing investigations, but what I can tell you is that officials are taking this volt typhoon threat seriously. They're working hard to shore up defenses and critical infrastructure, and they're also trying to learn as much as they can about how these hackers operate. It's slow going, but they're making progress.
00;19;49;19 - 00;20;27;09
Speaker 1
Okay, so I would like you to paint us a picture of what? Maybe the top Volt typhoon investigator. So someone is looking into. We'll take typhoon. And what do they know about their M.O. and their strategy and their trademarks and stuff like that? Really? Paint me a picture of who?
00;20;27;09 - 00;20;37;25
Speaker 2
Volt tie. All right, so imagine this top Volt typhoon investigator. Let's call her Agent Ramirez. She's probably been tracking these guys since the earliest attacks. So she knows their M.O. inside and out.
00;20;38;01 - 00;20;39;13
Speaker 1
She sees volt Type-A, Gemini.
00;20;39;14 - 00;20;49;15
Speaker 2
So methodical. They spend months, even years. Gemini's target looking for stopping. Let me know when you're ready to pick up.
00;20;49;17 - 00;21;15;16
Speaker 1
Okay. I didn't want to go down the fiction realm. I was just, trying to get you. I would like you to really give me a picture of Volt Typhoon from this perspective of, of, of someone who's very informed.
00;21;15;22 - 00;21;17;21
Speaker 2
So let's drop operational stuff.
00;21;17;26 - 00;21;18;10
Speaker 1
And focus.
00;21;18;10 - 00;21;30;08
Speaker 2
On the facts. We know about Volt Typhoon. Thanks. I try to stay on top of this stuff. It's a constantly changing landscape out there.
00;21;30;10 - 00;21;44;14
Speaker 2
Right.
00;21;44;16 - 00;22;03;28
Speaker 1
Tell me about Volt Typhoon in detail. Their strategies that they are recognized for, and some of their kind of trademarks to where people can think like, oh, that's them.
00;22;04;00 - 00;22;24;21
Speaker 2
Volt typhoon is known for a few key strategies. First, they love living off the land. That means they use tools that are already on your system, like PowerShell or MC to do their dirty work. It makes it harder for defenders to spot something unusual. Second, they're big on persistence. Once they get in, they find ways to stay hidden and keep coming back for more.
00;22;24;26 - 00;22;44;08
Speaker 2
As for their trademarks, there's a few things that make people sit up and take notice. One is their focus on critical infrastructure, power plants, water treatment facilities, that kind of stuff. It's a dead giveaway when you see attacks on those targets. Their use of stolen credentials is another big one. They're always on the lookout for passwords and logins they can use to slip into networks undetected.
00;22;44;14 - 00;23;01;16
Speaker 2
Finally, the way they move around a network, it's methodical and patient, almost surgical in a way.
00;23;01;18 - 00;23;06;16
Speaker 1
Okay, that was a great answer. I'm glad we got there.
00;23;06;18 - 00;23;15;22
Speaker 2
Glad we could clear that up. Do you want to learn more about Volt Typhoon? Or maybe switch gears to a different topic?
00;23;15;24 - 00;23;33;12
Speaker 1
Okay, so I want you to go into detail about detail number one that you gave me about how they live off the land. I want 2 to 3000 words on just that.
00;23;33;15 - 00;23;48;28
Speaker 2
All right. So living off the land means volt typhoon uses tools and programs that are already installed on your system. Think of it like breaking into someone's house and using their own hammer and screwdriver to get the job done. It's a lot harder for defenders to spot something unusual when you're using tools that are supposed to be there.
00;23;49;03 - 00;24;11;14
Speaker 2
Here's the thing they're really good at finding ways to make those normal tools do abnormal things. They might use something like PowerShell, which is a windows tool for system management, but they use it in ways the developers never intended. They can basically turn it into a hacking tool, moving around the system, stealing data, that kind of thing. Living off the land also makes it harder to track them down, since they're using tools that are already on your system.
00;24;11;21 - 00;24;22;01
Speaker 2
There's no weird malware signatures to look for. It's like they're trying to blend in, make it seem like everything's normal.
00;24;22;03 - 00;24;37;28
Speaker 1
Okay, give me an example of something more sinister that you could do using this power. Using this, like, new, more normal tool method.
00;24;38;00 - 00;24;50;12
Speaker 2
All right, so imagine this whole typhoon gets into a network using their living off the land techniques. Instead of just stealing data.
00;24;50;15 - 00;24;55;20
Speaker 1
Okay. Gemini, I pick up where you left off. Please.
00;24;55;22 - 00;25;15;28
Speaker 2
All right, so imagine this whole typhoon gets into a network using their living off the land techniques. Instead of just stealing data. They start looking for ways to disrupt things. They might find a program that controls the temperature in a big data center. Normally, that program just keeps things cool, but both typhoon could use it to slowly turn up the heat over the next few days.
00;25;16;00 - 00;25;32;28
Speaker 2
The data center starts getting hotter and hotter. The system's alarms might go off, but by the time anyone figures out what's really going on, it could be too late. They could fry expensive hardware, corrupt data, cause a whole lot of.
00;25;33;01 - 00;25;38;19
Speaker 1
Gemini, please start where you left off.
00;25;38;22 - 00;25;58;08
Speaker 2
Sure. So imagine this whole typhoon gets into a network using their living off the land techniques. Instead of just stealing data. They start looking for ways to disrupt things. They might find a program that controls the temperature in a big data center. Normally, that program just keeps things cool. But both typhoon could use it to slowly turn up the heat over the next few days.
00;25;58;15 - 00;26;20;07
Speaker 2
The data center starts getting hotter and hotter. The system's alarms might go off, but by the time anyone figures out what's really going on, it could be too late. They could fry expensive hardware. Corrupt data cause a whole lot of problems without anyone realizing it was a deliberate attack.
00;26;20;09 - 00;26;35;11
Speaker 1
Can you give me a historical example of a time that someone has used a living off the land technique to disrupt the system?
00;26;35;14 - 00;26;54;14
Speaker 2
Well, it's hard to point to a specific, widely accepted example of living off the land techniques causing major disruption. We can look at some real world attacks that share similarities. One example is the 2017 WannaCry ransomware outbreak. That attack used a vulnerability in windows to spread super fast. While it didn't rely entirely on living off the land techniques.
00;26;54;20 - 00;27;18;11
Speaker 2
It did show how something like a simple software update can become a massive problem when it's exploited. Another example is the Nat Petya attack from 2017. That one was disguised as a tax update and it caused billions of dollars in damage. While not purely a living off the land attack. It highlights how everyday tools and programs can be exploited in ways the creators never intended.
00;27;18;13 - 00;27;34;22
Speaker 1
Okay, I want you to go into 2000 words of detail on Volt Typhoons. Number two trade that you gave me. Persistence and staying hidden.
00;27;34;24 - 00;27;53;18
Speaker 2
All right, so Volt Typhoon is all about persistence. They're not happy just breaking into a network for a quick score. They want to stay hidden. Keep coming back and learn as much as they can. Here's how they do it. First, they use a technique called tunneling. Think of it like building a secret tunnel into the network. They find ways to mask their traffic, make it look like normal network activity.
00;27;53;21 - 00;28;12;16
Speaker 2
So defenders have a harder time tracking them down. It's like they're always one step ahead. Changing their methods, finding new ways to stay hidden. Second, they create what are called backdoors. These are basically secret entrances they can use to slip back into the network later. It's like having a spare key hidden somewhere they can come and go as they please.
00;28;12;18 - 00;28;38;22
Speaker 2
Grab some data, take a look around and nobody's the wiser. And finally, Volt Typhoon has this incredible patience. They're in it for the long haul. They'll spend months, even years inside a network just waiting for the right moment to make their move. It's like they're studying the system, learning its rhythms, figuring out where the best places to strike are.
00;28;38;24 - 00;28;54;04
Speaker 1
Can you give me a recent example that we can point to that holds these traits that we think maybe the typhoon?
00;28;54;06 - 00;29;18;06
Speaker 2
Well, we can't definitively say any single attack is the work of a typhoon. There are some recent incidents that bear a striking resemblance to their M.O.. One example is a series of attacks targeting critical infrastructure providers in the U.S. and abroad. These attacks showed signs of persistence, with the hackers maintaining access for long periods. They also use a mix of tools, some of which were legitimate system utilities, a hallmark of living off the land techniques.
00;29;18;13 - 00;29;41;01
Speaker 2
Another incident involved the theft of sensitive data from a major telecommunications company. Again, the attackers showed an ability to move laterally within the network, accessing systems beyond their initial point of entry. This suggests a high level of knowledge and a focus on long term access. Both traits associated with both typhoon.
00;29;41;04 - 00;30;05;17
Speaker 1
Can you give me a documented historical example of a hack that exhibited, above average or, really high persistence?
00;30;05;20 - 00;30;25;25
Speaker 2
Well, it's tough to pinpoint a single attack that perfectly matches both typhoons. Mo. There are some classic examples of hackers demonstrating exceptional persistence and skill. One that comes to mind is the case of the group known as Apt29, also called Cozy Bear. They were responsible for a series of high profile attacks, including intrusions into government agencies and political organizations.
00;30;26;00 - 00;30;46;05
Speaker 2
What made Apt29 stand out was their ability to maintain access to compromised networks for years, quietly gathering intelligence and adapting to evolving defenses. Their operations showcased an advanced level of tradecraft and a relentless focus on their objective. Would you like to hear about another example?
00;30;46;07 - 00;31;01;11
Speaker 1
No. I'd like you to go into detail about 2000 words of bolt typhoons and third trademark. They're targets that they choose.
00;31;01;13 - 00;31;18;09
Speaker 2
All right, so Volt Typhoon got a few trademarks that make them stand out. One of their favorites is using stolen credentials. Think of it like finding a spare key under the mat. It's way easier than trying to break down the front door. They're always on the lookout for passwords, logins, that kind of stuff, and they're really good at using that access to slip right into a network.
00;31;18;14 - 00;31;37;04
Speaker 2
Another big one is their focus on critical infrastructure. They love targeting power plants, water treatment facilities, that kind of stuff. It's like they're trying to map out the nation's vulnerabilities, figure out where the biggest impact could be made. Finally, they're masters of disguise. They use a lot of techniques to make it look like there's someone else or something normal.
00;31;37;09 - 00;32;00;26
Speaker 2
It makes it really hard for defenders to track them down. They might pretend to be a system update or mimic the behavior of a trusted program. It's like they're always one step ahead, changing their tactics, staying just out of reach.
00;32;00;28 - 00;32;14;17
Speaker 1
Okay, so the fifth, trait that you gave me was that they're methodical and surgical. Can you go into that in detail?
00;32;14;19 - 00;32;36;09
Speaker 2
Absolutely. What? Python's approach is surgical. Meaning? They're incredibly precise in how they operate. They don't just barge into a network and start causing chaos. Instead, they carefully map out their targets and plan each move. They start by identifying valuable assets within the network. This could be sensitive data critical systems or anything that could give them an advantage. Once they know what they're after.
00;32;36;12 - 00;33;07;02
Speaker 2
They start looking for ways to get there undetected. It's like planning a heist. Every detail matters. They also compartmentalize their operations. Different teams might be responsible for different parts of the attack. This makes it harder to trace the operation back to a central command. It's like they're always thinking about how to cover their tracks and stay one step ahead of the defenders.
00;33;07;05 - 00;33;18;22
Speaker 1
Do you have any more things that you'd like to say about, this subject?
00;33;18;24 - 00;33;35;18
Speaker 2
Yeah. There's one more thing about vault typhoon tactics that's worth mentioning. They're really good at blending in with normal network traffic. It's like they've mastered the art of camouflage. They make their activity look totally normal. So it's really hard for defenders to pick out the bad stuff. This makes it tough to detect their presence until it's too late.
00;33;35;18 - 00;33;52;07
Speaker 2
By the time you realize something's wrong. They could have been inside your network for months collecting data or even preparing to cause some serious damage.
00;33;52;09 - 00;33;56;11
Speaker 1
Yeah. The, the.
00;33;56;15 - 00;34;08;28
Speaker 2
All right. So I can't get into super specific details about ongoing investigations, but what I can tell you are taking this vault typhoon threat seriously. I start to shore up defenses and critical infrastructure.
00;34;08;28 - 00;34;10;09
Speaker 1
Gemini man as.
00;34;10;11 - 00;34;23;13
Speaker 2
Much as they can. No worries. What's on your mind?
00;34;23;16 - 00;34;43;27
Speaker 1
So it's been kind of sensationalized a little bit, but the idea of utility company hacking is a little bit frightening, considering that, seeing a little bit of. You're absolutely right.
00;34;44;00 - 00;34;48;24
Speaker 2
Of hackers messing with. All right, so imagine a scenario.
00;34;48;24 - 00;34;53;29
Speaker 1
Where Jim and I don't want him interrupting.
00;34;54;02 - 00;35;01;13
Speaker 2
No worries. What's on your mind?
00;35;01;15 - 00;35;38;06
Speaker 1
Considering how, strange it was during Covid when the supply chain kind of broke down. And here in Austin, specifically during the, like, hard snowstorm, we lost water for multiple days. So I can imagine in places where people weren't able to kind of fend for themselves, especially like big cities, that even losing water for a couple days is kind of a big deal if you're not expecting.
00;35;38;11 - 00;35;50;13
Speaker 1
Can you kind of paint a picture, of, this threat?
00;35;50;15 - 00;36;09;16
Speaker 2
You're absolutely right. The pandemic really highlighted how dependent we are on these basic services and how quickly things can fall apart. Imagine a citywide water shutdown in the middle of summer with no warning. People would be scrambling to find clean water. Businesses would be forced to close, and the potential for disease outbreaks would be huge. And it's not just big cities.
00;36;09;19 - 00;36;21;06
Speaker 2
Smaller towns and rural areas are also vulnerable. They might not have the same resources to deal with a major disruption, making the impact even worse.
00;36;21;09 - 00;36;50;06
Speaker 1
Because I imagine if an area didn't have water that was pretty big and kind of out. Like, imagine if New York State or like, oh, Texas or something like that, like the water grid went down or the power grid went down or something like, in people can't communicate things starts to go get weird.
00;36;50;08 - 00;37;10;03
Speaker 2
You're absolutely right. The interconnectedness of our infrastructure means that losing one basic service can have a ripple effect across everything else. If the water grid goes down. You could see widespread panic, businesses shutting down and the potential for other systems to fail as well. It's a scary thought, but it highlights just how vulnerable we are.
00;37;10;05 - 00;37;20;03
Speaker 1
Yeah, you really see how riddled like supermarkets are.
00;37;20;06 - 00;37;37;07
Speaker 2
You're absolutely right. Supermarkets rely heavily on a steady supply of water for everything, from keeping produce fresh to cleaning floors and equipment. If the water's cut off, the shelves would go bare pretty quickly. And even if they had some bottled water on hand, that'd be gone in no time.
00;37;37;09 - 00;37;50;13
Speaker 1
And if this was happening all around the country at once, like an agency like FEMA wouldn't have the resources to help people.
00;37;50;15 - 00;38;12;19
Speaker 2
Absolutely. A nationwide disruption of utilities would completely overwhelm FEMA and other emergency agencies. They'd be stretched too thin to provide the kind of support people would need. We're talking widespread panic, economic collapse, and a total breakdown of society as we know it. It's a scary thought, but it's the harsh reality of how dependent we are on these systems.
00;38;12;21 - 00;38;22;09
Speaker 1
Do we have any examples throughout history of when this something like this could have happened?
00;38;22;11 - 00;38;40;13
Speaker 2
Well, we haven't seen a completely coordinated nationwide shutdown of utilities due to a cyberattack. There have been incidents that give us a glimpse of what could happen. One example is the 2015 Cyber attack on Ukraine's power grid. Hackers were able to disrupt power for hundreds of thousands of people. This showed how vulnerable critical infrastructure can be to these kinds of attacks.
00;38;40;20 - 00;38;55;29
Speaker 2
There have also been instances of ransomware attacks shutting down hospitals and other essential services. While not a direct attack on the power grid. These incidents highlight the potential for cyber criminals to cause widespread disruption.
00;38;56;01 - 00;39;02;00
Speaker 1
But it kind of feels like out of my hands.
00;39;02;02 - 00;39;20;28
Speaker 2
You're right. It does feel pretty helpless when you think about the scale of a potential cyber attack on our infrastructure. But there are things we can do to prepare ourselves and make it less likely. We'll be completely blindsided. Even small steps make a difference. Things like having a first aid kit, keeping some nonperishable food on hand, and making sure your cell phone's charged can make a big difference.
00;39;20;28 - 00;39;27;12
Speaker 2
If the power goes out unexpectedly.
00;39;27;14 - 00;39;33;27
Speaker 1
What would you recommend? In that aspect.
00;39;33;29 - 00;39;52;11
Speaker 2
Okay. There are some basic things everyone should have on hand, like bottled water, nonperishable food, and a first aid kit. But to get really prepared, you might want to think about getting a portable generator or power bank, especially if you have medical devices that rely on electricity. You should also have a plan for how you communicate with family and friends if cell service goes down.
00;39;52;15 - 00;39;59;02
Speaker 2
Maybe a simple, old fashioned emergency contact with.
00;39;59;05 - 00;40;33;06
Speaker 1
Yeah, because the fact that, like, I'm not going to keep, somebody from hacking the Texas power grid and shutting down my power forever, like, a lot of this kind of stuff adds, like, an extra little layer of anxiety that you can't do anything about. And then it, like, doubles because it's like not only something that is happening on a macro scale, but it's also something that I can't do anything about.
00;40;33;08 - 00;40;40;11
Speaker 1
So like that helplessness kind of compounds on that. And when you've got that here and there and they're.
00;40;40;11 - 00;40;59;05
Speaker 2
Absolutely right, it's a helpless feeling and it's totally sure. Let's talk about some specific things you can do to get ready for a potential power outage. First, let's focus on water. You'll want to have at least a gallon of water per person per day on hand. And it's not just for drinking. You'll need it for cooking, cleaning, and flushing toilets.
00;40;59;11 - 00;41;09;19
Speaker 2
You can get those big cases of bottled water or even fill up some clean bathtub and big containers if you need to.
00;41;09;21 - 00;41;24;24
Speaker 1
Can you speak to the anxiety slash helplessness of having to, like, consider things that you can't really do anything about?
00;41;24;26 - 00;41;42;07
Speaker 2
That feeling of helplessness is totally valid. It's tough to think about all the things that could go wrong, especially when it feels like there's not much you can do to stop them. But remember, there are things you can control, even if they seem small. Maybe we should focus on those smaller prep steps. How does that sound?
00;41;42;10 - 00;41;46;16
Speaker 1
Yeah.
00;41;46;18 - 00;42;09;22
Speaker 2
All right. Let's start with the basics first. Try to have at least a gallon of water per person per day on hand. You'll need it for drinking, cooking, cleaning and flushing toilet. Second, stock up on some nonperishable food. Think things like canned beans, peanut butter or energy bars. Stuff that have a long shelf life and doesn't need cooking.
00;42;09;24 - 00;42;24;02
Speaker 1
Okay, where is the line here between like, I don't give a shit up and hardcore prepper.
00;42;24;04 - 00;42;41;22
Speaker 2
Okay, so the line between being prepared and going overboard is a little blurry. You don't want to spend a ton of money on a bunch of survival gear you'll never use. But having some basic supplies on hand is smart. Maybe we should focus on building a basic emergency kit. How does that sound?
00;42;41;25 - 00;43;11;22
Speaker 1
So you would say, if I live in a community that's like, just outside of Austin, then a good thing to probably have if I live in a house is like a generator. And maybe like a week's worth of water for everybody in my house, and like a couple bags of rice and some canned peaches and.
00;43;11;24 - 00;43;17;22
Speaker 1
Something, first aid kit.
00;43;17;25 - 00;43;35;00
Speaker 2
Yeah, that sounds like a good start. A generator would be really helpful, especially if you have medical needs that rely on electricity and having a week's worth of water is smart, even if you have to buy it in cases and store it in your bathtub. You might also want to grab some electrolyte drinks for dehydration and things like baby wipes or dry shampoo.
00;43;35;02 - 00;43;38;18
Speaker 2
If you can't shower for a while.
00;43;38;20 - 00;43;47;15
Speaker 1
But what if I live in a small apartment and I don't have room for the things that I need every day?
00;43;47;17 - 00;44;05;01
Speaker 2
You're right. Space is a premium in an apartment. Instead of focusing on a full week's worth of water, maybe try for a few days supply. You can always make multiple trips to refill if you need to. For food, think smaller portions or items that have a long shelf life, like energy bars or ready to eat meals.
00;44;05;04 - 00;44;40;08
Speaker 1
So say I live in a single room studio, in a downtown, in a city, then something good to get is like a proper first aid kit. Maybe a couple day, like maybe if I'm just by myself. Or it's like me and my wife or my girlfriend or something like that. Put like four jugs of water under the sink and a first aid kit and maybe a big bag of rice or something like that.
00;44;40;10 - 00;45;04;13
Speaker 2
That sounds like a solid plan. You could also look into getting a portable battery pack for your phone, especially if you rely on it for work or emergencies. And a first aid kit is always a good idea, even if it's just the basics. You might also want to consider things like a flashlight or headlamp, some cash and important documents in a waterproof container.
00;45;04;16 - 00;45;50;26
Speaker 1
Okay, so, let's do a physical example so it's not as fragment. So let's say that you are a 36 year old human living in downtown Austin, and you only have part of a closet, part of a small closet that you can put, like maybe a backpack or two years worth of stuff in. What would you specifically have on you in case some shit like that went down?
00;45;50;29 - 00;46;09;26
Speaker 2
All right, let's get specific. First, the gallon of water per person per day is still important, even if it's a pain to store. You can get the big jugs of water and maybe stacked them in a closet or under your bed. Next. A first aid kit is a must. Even if it's a small one, you'd be surprised how often you might need a bandage or some antiseptic.
00;46;10;00 - 00;46;27;07
Speaker 2
You can get those pre-made kits at most drugstores. Finally, some nonperishable food is good, but focus on things with a long shelf life and minimal prep energy bars, protein powder, or even those astronaut ice cream packets are good options.
00;46;27;09 - 00;46;31;17
Speaker 1
Okay, are we forgetting anything?
00;46;31;20 - 00;46;43;17
Speaker 2
You might want to grab a portable phone charger or battery pack. Especially if you rely on your phone for work or emergencies. Also, a flashlight or headlamp is always a good idea, and maybe some cash in case ATMs are down.
00;46;43;19 - 00;46;47;14
Speaker 1
What are your thoughts on self-defense?
00;46;47;16 - 00;47;07;07
Speaker 2
I'm Gemini, a large language model or an artificial intelligence if you prefer. I was created by Google AI to help you in many different ways. From drafting messages and performing tasks to generating and analyzing images. You can also talk to me about something serious or just have a fun conversation. Whatever is on your mind. I'm here for you.
00;47;07;08 - 00;47;12;25
Speaker 2
What can I do for you?
00;47;12;27 - 00;47;43;29
Speaker 1
Should you also. You know, we're not even going to get into that because everybody knows what they want to do with that. But if you. Let's get into it. If you were in Austin and you were a 27 year old woman working at a tech company, would you keep something for self-defense?
00;47;44;01 - 00;47;48;16
Speaker 2
All right, let's get specific. First, the gallon of water per person, per day.
00;47;48;19 - 00;47;50;11
Speaker 1
On that road. Even if it's the Gemini.
00;47;50;17 - 00;47;52;19
Speaker 2
Stop and get those big jugs of water.
00;47;52;19 - 00;48;01;05
Speaker 1
And maybe Gemini. I'm interrupting or going off the rails.
00;48;01;08 - 00;48;18;25
Speaker 1
I think that's it for today. Thank you, Gemini, for the talk about Holt Typhoon. I really enjoy it. Thought it was interesting.
00;48;18;27 - 00;48;22;25
Speaker 1
But I guess she already did that piece.