Nicole Perlroth

It's May of 2021. Jets are grounded. Up and down the eastern seaboard, lines at gas stations sneak for blocks. Panicked Americans vie to fill up garbage bags with gas.

It's May of 2021. Jets are grounded. Up and down the eastern seaboard, lines at gas stations sneak for blocks. Panicked Americans vie to fill up garbage bags with gas.

Colonial Pipeline, the 5,500-mile artery that carries America's lifeblood, gas, diesel, jet fuel, from Texas up to New Jersey, had been shut down. A cyber attack took the company's IT systems out of commission, jolting all operations to a sudden halt. People panicked. If someone, say China, wanted to wreak chaos and havoc on the United States, this was how to do it.

Colonial Pipeline, the 5,500-mile artery that carries America's lifeblood, gas, diesel, jet fuel, from Texas up to New Jersey, had been shut down. A cyber attack took the company's IT systems out of commission, jolting all operations to a sudden halt. People panicked. If someone, say China, wanted to wreak chaos and havoc on the United States, this was how to do it.

But this wasn't the work of China or Russia or Iran for that matter. This was a group of cyber criminals looking for a quick payday. Colonial Pipeline was hit by ransomware and the attack didn't even hit the pipeline itself.

But this wasn't the work of China or Russia or Iran for that matter. This was a group of cyber criminals looking for a quick payday. Colonial Pipeline was hit by ransomware and the attack didn't even hit the pipeline itself.

But without any way to bill its customers and with shaky confidence in the air gap between employees' computers and its pipeline operation, Colonial preemptively shut that down too. The country's largest pipeline was out of commission for five days. And had Colonial Pipeline not paid off its extortionists or had backups they could tap into, the paralysis could have been much, much worse.

But without any way to bill its customers and with shaky confidence in the air gap between employees' computers and its pipeline operation, Colonial preemptively shut that down too. The country's largest pipeline was out of commission for five days. And had Colonial Pipeline not paid off its extortionists or had backups they could tap into, the paralysis could have been much, much worse.

Back at the Times, we got our hands on a confidential Department of Energy assessment that found that as a country, we could have only afforded three or four more days of downtime before that attack brought the entire U.S. economy to its knees. It wasn't so much the gas or jet fuel. We had the reserves for those. It was the diesel required to run our factories.

Back at the Times, we got our hands on a confidential Department of Energy assessment that found that as a country, we could have only afforded three or four more days of downtime before that attack brought the entire U.S. economy to its knees. It wasn't so much the gas or jet fuel. We had the reserves for those. It was the diesel required to run our factories.

The attack and the dependencies it revealed caught the nation completely off guard. And China's leaders paid careful attention.

The attack and the dependencies it revealed caught the nation completely off guard. And China's leaders paid careful attention.

That was Jen Easterly, who led CISA, the nation's cyber defense agency, under Biden. Cut to present day when China's PLA hackers, right now, right this instant, are inside hundreds of colonial pipeline equivalents across the country.

That was Jen Easterly, who led CISA, the nation's cyber defense agency, under Biden. Cut to present day when China's PLA hackers, right now, right this instant, are inside hundreds of colonial pipeline equivalents across the country.

The tip of the iceberg. So what's lurking beneath the surface? Before I continue, let me say again what I said at the start. We cannot confuse the Chinese government with the Chinese people. Paranoia and xenophobia can and have pushed nations towards authoritarianism, fascism. They risk turning us into our worst enemy.

The tip of the iceberg. So what's lurking beneath the surface? Before I continue, let me say again what I said at the start. We cannot confuse the Chinese government with the Chinese people. Paranoia and xenophobia can and have pushed nations towards authoritarianism, fascism. They risk turning us into our worst enemy.

China's grip on our infrastructure has nothing to do with everyday Chinese people, who in too many cases are themselves held hostage by the party's digital dragnets. And this isn't just a moral distinction. It's strategic. Because xenophobia isn't just repulsive, it's reckless.

China's grip on our infrastructure has nothing to do with everyday Chinese people, who in too many cases are themselves held hostage by the party's digital dragnets. And this isn't just a moral distinction. It's strategic. Because xenophobia isn't just repulsive, it's reckless.

It fuels violence, pulls us further up the escalation ladder, and drags us closer to a fight that, frankly, the United States is not ready for. As you'll hear, it's time to pause, prepare, and think hard about where this road leads. I'm Nicole Perleroth, and this is To Catch a Thief.

It fuels violence, pulls us further up the escalation ladder, and drags us closer to a fight that, frankly, the United States is not ready for. As you'll hear, it's time to pause, prepare, and think hard about where this road leads. I'm Nicole Perleroth, and this is To Catch a Thief.