China's Decade-Long Squat in Your Servers and Why Your AI Models Are Now Their Favorite Snack

This is your Digital Frontline: Daily China Cyber Intel podcast. Hey listeners, Ting here on Digital Frontline: Daily China Cyber Intel. Let’s jack straight into today’s China–US cyber chessboard. Overnight, the big whisper in DC and Silicon Valley is about China-linked actors trying to ride the AI wave. The Washington Examiner reports that export limits on Anthropic’s new Fable 5 and Mythos 5 models were driven in part by suspicions that a China-aligned group had already probed or accessed Mythos 5, raising alarms about using US frontier AI for industrial-scale espionage against American tech and defense firms. That should tell every CTO in the US: your AI stack is now a priority target. Pivot from AI to infrastructure: BleepingComputer, citing incident responders at Sygnia, just detailed how a Chinese cluster dubbed Velvet Ant burrowed into a large organization’s critical infrastructure environment and camped there for roughly a decade by hijacking authentication flows in tools like PAM, OpenSSH, and Windows LSASS. That’s not smash-and-grab, that’s long-haul espionage aimed at operational data, admin credentials, and network topology that can map directly onto US energy, manufacturing, and logistics targets. Strategically, this lines up with what US and allied intelligence have been warning for years: Beijing-linked groups prioritize sectors where disruption or deep insight equals leverage—think power grids, ports, defense supply chains, semiconductor design, and now, high-end AI research and cloud platforms. The goal is not just stealing IP; it’s building options for pressure, sabotage, or strategic surprise in a crisis. So what do you actually do about it, starting today? First, authentication is crown-jewel territory. Sygnia’s recommendations are gospel here: treat your PAM servers, domain controllers, OpenSSH configs, and LSASS processes like Tier 0 systems. Wrap them in EDR, file integrity monitoring, and hardened admin access. Lock down who can touch those configs, and log every change like it’s money leaving the vault. Second, assume an adversary wants persistence, not noise. That means you hunt for living-off-the-land activity: odd but legit tools abused in subtle ways, strange PowerShell, scheduled tasks that don’t quite fit, or lateral movement that looks like a distracted admin working at 3 a.m. Tie this to robust offline backup and recovery; Sygnia specifically stresses immutable snapshots and tested restoration paths so you can rebuild without re-importing the intruder. Third, on the AI side, CISOs at tech, finance, and healthcare orgs need to treat model access like sensitive data access. Segment research environments, restrict non-US access if you’re under export control, and log every call to powerful models. If you’re fine-tuning on proprietary or defense-adjacent data, congratulations, you just became a tier-one target. Finally, practical playbook: enable phishing-resistant MFA for all privileged accounts, rotate high-value credentials regularly, and run red-team exercises focused specifically on auth abuse and AI data theft. If your incident response plan doesn’t have a chapter titled “nation-state in my IAM,” tonight is a great night to write it. I’m Ting, thanks for tuning in to Digital Frontline: Daily China Cyber Intel. Stay patched, stay paranoid, and don’t forget to subscribe. This has been a quiet please production, for more check out quiet please dot ai. For more http://www.quietplease.ai Get the best deals https://amzn.to/3ODvOta