Panda Pandemonium: Backdoor Blowups, Firewall Fails, and Espionage Extravaganza! episode artwork

EPISODE · Aug 4, 2025 · 5 MIN

Panda Pandemonium: Backdoor Blowups, Firewall Fails, and Espionage Extravaganza!

from Digital Dragon Watch: Weekly China Cyber Alert · host Inception Point AI

This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Listeners, Ting here and the cyber dragons have been anything but sleepy this week. Let's kick off with the bombshell out of Beijing: the Cyberspace Administration of China, or CAC, summoned Nvidia for a grilling after accusing the US of scheming to slip backdoors into Nvidia’s newest H20 chips. The backstory? The US Chip Security Act, pitched by Senator Tom Cotton, would force chipmakers to install tracking and remote shutdown systems in semiconductors headed for “unwelcome” destinations. While the law hasn’t passed, China’s top cyber sleuths are on red alert, pressing Nvidia to spill whether Washington might sneak backdoors into made-for-China chips. Nvidia, of course, is walking a global tightrope, debuting H20 chips explicitly to skirt US export controls, but is now caught in this chip chess match. If that weren’t enough, China’s own CNCERT dropped a massive report last Thursday claiming US intelligence hackers, with techniques straight out of a spy thriller, breached Chinese military-industrial networks starting in 2022. The initial break-in exploited a zero-day flaw in Microsoft Exchange. These folks didn’t just pop in for a peek—they stuck around for almost a year. We’re talking stealthy malware, payloads zipped through WebSocket-wrapped SSH tunnels, and traffic bounced through anonymous European relay nodes. In wave two, between July and November last year, attackers hit a critical supply chain, manipulating Tomcat service filters and sneaking in Trojanized updates. The malware went hunting for keywords like “secret work” and “core network,” swiping sensitive diagrams and protocol blueprints. CNCERT spotted log wiping and active recon against military intrusion detection: this was sophisticated, persistent, and, frankly, scary. Now, flipping the Great Firewall’s script, security researchers from University of Massachusetts Amherst and Stanford published a paper showing China’s recent attempt to upgrade censorship for new QUIC traffic backfired—leaving the infamous firewall vulnerable to “availability attacks.” Attackers could spoof packets to block DNS—shutting out access to non-Chinese DNS resolvers countrywide. The paper triggered a partial fix but not a full solution, and anti-censorship communities are already dissecting this new attack surface. For censorship engineers in China, it’s back to the blueprint. Here at home, the Salt Typhoon attack plot twist is still sending shockwaves. Dr. Susan Landau exposed how Chinese hackers used the CALEA-mandated wiretap backdoors in U.S. telecoms to infiltrate senior campaign communications. In response, four Five Eyes countries—yes, including the FBI this time—urged everywhere encryption. The UK, in vintage style, declined to sign on and is looking to its own secret squirrel methods instead. Let’s talk sector trends: according to CrowdStrike’s just-released Threat Hunting Report, China-nexus groups like GENESIS PANDA and This content was created in partnership and with the help of Artificial Intelligence AI.

This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Listeners, Ting here and the cyber dragons have been anything but sleepy this week. Let's kick off with the bombshell out of Beijing: the Cyberspace Administration of China, or CAC, summoned Nvidia for a grilling after accusing the US of scheming to slip backdoors into Nvidia’s newest H20 chips. The backstory? The US Chip Security Act, pitched by Senator Tom Cotton, would force chipmakers to install tracking and remote shutdown systems in semiconductors headed for “unwelcome” destinations. While the law hasn’t passed, China’s top cyber sleuths are on red alert, pressing Nvidia to spill whether Washington might sneak backdoors into made-for-China chips. Nvidia, of course, is walking a global tightrope, debuting H20 chips explicitly to skirt US export controls, but is now caught in this chip chess match. If that weren’t enough, China’s own CNCERT dropped a massive report last Thursday claiming US intelligence hackers, with techniques straight out of a spy thriller, breached Chinese military-industrial networks starting in 2022. The initial break-in exploited a zero-day flaw in Microsoft Exchange. These folks didn’t just pop in for a peek—they stuck around for almost a year. We’re talking stealthy malware, payloads zipped through WebSocket-wrapped SSH tunnels, and traffic bounced through anonymous European relay nodes. In wave two, between July and November last year, attackers hit a critical supply chain, manipulating Tomcat service filters and sneaking in Trojanized updates. The malware went hunting for keywords like “secret work” and “core network,” swiping sensitive diagrams and protocol blueprints. CNCERT spotted log wiping and active recon against military intrusion detection: this was sophisticated, persistent, and, frankly, scary. Now, flipping the Great Firewall’s script, security researchers from University of Massachusetts Amherst and Stanford published a paper showing China’s recent attempt to upgrade censorship for new QUIC traffic backfired—leaving the infamous firewall vulnerable to “availability attacks.” Attackers could spoof packets to block DNS—shutting out access to non-Chinese DNS resolvers countrywide. The paper triggered a partial fix but not a full solution, and anti-censorship communities are already dissecting this new attack surface. For censorship engineers in China, it’s back to the blueprint. Here at home, the Salt Typhoon attack plot twist is still sending shockwaves. Dr. Susan Landau exposed how Chinese hackers used the CALEA-mandated wiretap backdoors in U.S. telecoms to infiltrate senior campaign communications. In response, four Five Eyes countries—yes, including the FBI this time—urged everywhere encryption. The UK, in vintage style, declined to sign on and is looking to its own secret squirrel methods instead. Let’s talk sector trends: according to CrowdStrike’s just-released Threat Hunting Report, China-nexus groups like GENESIS PANDA and This content was created in partnership and with the help of Artificial Intelligence AI.

NOW PLAYING

Panda Pandemonium: Backdoor Blowups, Firewall Fails, and Espionage Extravaganza!

0:00 5:37

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

No similar episodes found.

No similar podcasts found.

Frequently Asked Questions

How long is this episode of Digital Dragon Watch: Weekly China Cyber Alert?

This episode is 5 minutes long.

When was this Digital Dragon Watch: Weekly China Cyber Alert episode published?

This episode was published on August 4, 2025.

What is this episode about?

This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Listeners, Ting here and the cyber dragons have been anything but sleepy this week. Let's kick off with the bombshell out of Beijing: the Cyberspace Administration of China, or...

Can I download this Digital Dragon Watch: Weekly China Cyber Alert episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!