Governing Luminaries: The Global Cyber War Hits Home

Author and security expert Nicole Perlroth explains why state and local infrastructure is in the crosshairs.

Editor's Note: This article appears in Governing's Q2 2026 Magazine.

Nicole Perlroth spent more than a decade covering cybersecurity for The New York Times, reporting on everything from state and local ransomware attacks to global cyber warfare.

In 2021, she turned her experiences into a best-selling book, This Is How They Tell Me the World Ends, which documents the international digital arms race and details an unregulated gray market where private hackers develop and sell dangerous cyber weapons to the highest bidder. Perlroth’s popular 2025 podcast series, To Catch a Thief, investigated the evolution of China’s state-sponsored hackers.

Today, she advises multiple cybersecurity companies and regularly keynotes on cybersecurity topics. She is also the founding partner of Silver Buckshot Ventures, a San Francisco-based venture capital firm that invests in early-stage cybersecurity startups.

Perlroth spoke with Governing about how cybersecurity threats are evolving — especially with the emergence of powerful AI software — and why state and local governments are a prime target for a growing class of uniquely dangerous threats from hostile foreign governments.

You spent years reporting on cyber warfare and vulnerabilities. What should state and local government officials be concerned about?

I’ll start by saying the threat landscape has never moved so quickly. A few years ago, I would have talked about ransomware. Cities and counties were being held hostage with ransomware attacks.

Now, the bigger threat is that there are actors — predominantly China — probing state and local computer systems and critical infrastructure like water systems, ports, railways and vendors that supply all those entities. They’re getting inside those systems and then lying in wait. They’re not dropping malware. They’re not siphoning off personal data.

They’re doing that because if there’s an escalation around Taiwan or the South China Sea, they want to be in position to paralyze us from mobilizing forces and logistical support. But also — and this is really where state and local government comes in — they want to be able to disrupt basic services like clean water and fuel. It’s a psychological deterrent to supporting Taiwan — so that we think, “Why are we supporting this island 7,000 miles away? I just need gas today.” China is very strategic like that.

What does this mean for government leaders?

They need to know that state and local governments are the most targeted entities. They’re the ones who’ll have to show up on national television when the water shuts off, or worse, it’s contaminated by a cyber attack.

One thing China has really figured out is that large utilities — the PG&Es and Southern Powers of the world — have enterprise-grade security. But local entities like water treatment facilities often aren’t investing appropriately. They’re relying on software that can’t even be patched for security vulnerabilities because it’s so old.

One example that I think is illustrative for your audience is what happened in Littleton, Mass. The city’s Electric Light and Water Departments discovered in 2023, through a notification from the FBI and CISA [Cybersecurity and Infrastructure Security Agency], that they had been infiltrated by Volt Typhoon [a state-sponsored Chinese hacking group]. Why is China sitting in the systems of a local water treatment and grid operator that only serves 15,000 people? They’re probably a lot easier to break into than PG&E, and disrupting water and power creates chaos and panic; it creates political pressure.

How does the current conflict with Iran impact local communities?

I think it’s safe to say that Iran views the current conflict as an existential crisis. We are seeing a tremendous amount of aggressive activity on two fronts. They’re targeting administration officials who are involved in the ceasefire talks, but we’re also seeing a huge pickup in Iranian attacks on local infrastructure like water facilities and power grids.

Iran is far less sophisticated than China, but they look for targets of opportunity — anyone who’s essentially left the door open by using old software or default passwords. And they’re not going to lie in wait; they are there to turn things off.

How is AI changing the threat landscape?

Ransomware never went away. But in the past, your security measures just needed to be good enough that threat actors would pass you by and hit the next guy down the street.

Now AI is going to scan for any open doors. It will get in, and without any human guidance whatsoever, encrypt your data, hold you hostage and manage the payment negotiation. AI automates the whole kill chain. Anyone who is not using best practices will be compromised.

We’re seeing ransomware groups train AI chatbots to identify which business-critical assets to encrypt, figure out who is most likely to pay, and manage payment negotiations for maximum psychological pressure. These automated attacks will target known security vulnerabilities where people haven’t run their software updates or haven’t implemented things like multifactor authentication.

What’s even scarier is that [AI developer] Anthropic recently previewed a new AI model called Mythos that can find previously unknown vulnerabilities — in some cases, bugs in our most hardened software that have been undiscovered for 20 years.

According to industry reports, Mythos identified thousands of unknown vulnerabilities in major software operating systems and web browsers during testing — flaws that had not been detected by human security reviews or automated assessments. Anthropic has not released the technology publicly. Instead, the firm is working with a coalition of technology companies to use the tool to find and fix vulnerabilities in important software systems. However, experts expect similar capabilities to rapidly appear from other AI developers.

Your book details the value of these undiscovered software flaws, known in the information security world as “zero-day” vulnerabilities because software makers have had zero days to fix them. Hackers who discover these flaws, which give attackers an invisible doorway into computer hardware and software, could sell them for millions of dollars to national governments, cyber criminals, defense contractors and others. What does it mean that AI can now make zero days so easy to discover?

I think we’re now experiencing the coda to my book. Anthropic’s Mythos model can find undiscovered vulnerabilities that are very severe and exploit them automatically. So that market I wrote about is essentially being eviscerated. The barrier to entry is gone. AI can find and develop zero-day exploits on a scale that we can’t even really fathom as humans. And anyone will be able to use these models, potentially.

Anthropic is partnering with security companies to find those vulnerabilities first to protect customers. That’s the responsible way to do it. Will that be enough? I don’t think so. They have a host of competitors, many of which are not based in the U.S., and they may not have the same view of accountability.

Won’t this technology also lead to better and more resilient systems?

Yes, ultimately, we’ll use it defensively to vet software before it’s released and to go back and fix vulnerable code. That will be a huge step in up-leveling security. But for now, attackers will have a major advantage — there’s just going to be more code with vulnerabilities that can be exploited autonomously. It’s going to be a wild ride for the next few years. And, unfortunately, where we’ll see this play out is state and local governments and their critical infrastructure suppliers.

What should leaders be doing to prepare?

The fundamentals are now urgent. Get rid of old software. Use cybersecurity tools from the best providers. Modernize the industrial control systems used by water and power authorities and use security tools designed to protect those systems.

I know this is very tough to do. These are resource-constrained environments that often work off annual budgets. Communities bought their technology systems years ago, and replacing them is an entirely new line item. But that model is about to be exposed as completely broken. It’s a national security imperative that we find new models.

Officials also need to plan for a cyber attack the same way they would prepare for a terrorist attack. Make sure you’re getting threat briefings. Conduct tabletop exercises regularly. Practice how you would communicate if everything shuts down and you can’t access your email. What communication channels can you revert to? What are your manual fallback systems?

These things are critical — and they’re something state and local officials can lead on.

Steve Towns is the former editor of Government Technology, and former executive editor for e.Republic LLC, publisher of GOVERNING, Government Technology, Public CIO and Emergency Management magazines. He has more than 20 years of writing and editing experience at newspapers and magazines, including more than 15 years of covering technology in the state and local government market. Steve now serves as the Deputy Chief Content Officer for e.Republic.