EPISODE · Aug 27, 2025 · 4 MIN
Salty Dragons Gone Wild: China's Cyber Goons Hack the Planet
from Digital Dragon Watch: Weekly China Cyber Alert · host Inception Point AI
This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Ting here, spinning up this week’s Digital Dragon Watch: Weekly China Cyber Alert—reporting from August 27, 2025, just as your firewalls are probably wondering what hit them. Let’s get right into the main event, because the last seven days have been packed with the sort of high drama only state-sponsored hackers with way too much caffeine and too many routers can deliver. First, you’ve probably already clocked the big news flashes from the NSA, CISA, and partners in the UK and Australia. Yep, Madhu Gottumukkala from CISA and Brett Leatherman from FBI were both out front warning that Chinese state-sponsored Advanced Persistent Threat (APT) actors—think Salt Typhoon, OPERATOR PANDA, and their galactic crew RedMike, UNC5807, and GhostEmperor—are going absolutely wild on global critical infrastructure. That means they’re going after telecom (again), government backbones, transport networks, lodging sectors, and even military systems. The biggest new attack vector uncovered this week? These Chinese teams are exploiting vulnerabilities in backbone routers—the big provider edge and customer edge routers that run the internet behind the scenes. If you’re in telecom, you’ve probably had a bad week. Notably, Salt Typhoon is back in headlines. According to BankInfoSecurity and BleepingComputer, they not only breached nine major U.S. telecoms and lifted text messages, voicemails, and law enforcement wiretap data, but last year they enjoyed a nine-month joyride inside the U.S. Army National Guard network, swiping admin credentials and config files. That’s not even counting their custom malware “JumbledPath” and penchant for GRE tunneling—basically highway banditry at scale. The outcome? Dead serious: the FCC is now making telecoms draft and certify real cyber risk management plans, so if you’re AT&T or Verizon, no snoozing allowed. Defensively, official U.S. government reactions have been punchy. The NSA, CISA, and the FBI jointly dropped shiny new mitigation guidance. They want you patching all known exploited vulnerabilities ASAP, enabling centralized logging, securing edge infrastructure, and—especially for critical infrastructure pros—threat hunting with extreme prejudice. And as CISA’s advisory keeps saying, don’t just fix things quietly; build resilience and report intrusions to keep the intelligence flowing. On the industry front, Google’s Threat Intelligence Group—Sandra Joyce—previewed their new “disruption unit,” focused on legal and ethical disruption of cyberattacks. The mood in the sector is shifting from “play defense” to “go proactive,” with some experts advocating for more aggressive disruption, even if it means crossing into “active defense” (think honeypots and campaign takedowns) and maybe a little bit of hack-back territory. China’s official response? As tracked by the UK’s NCSC and international allies, silence—pending, at least publicly—but there’s no shortage of This content was created in partnership and with the help of Artificial Intelligence AI.
What this episode covers
This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Ting here, spinning up this week’s Digital Dragon Watch: Weekly China Cyber Alert—reporting from August 27, 2025, just as your firewalls are probably wondering what hit them. Let’s get right into the main event, because the last seven days have been packed with the sort of high drama only state-sponsored hackers with way too much caffeine and too many routers can deliver. First, you’ve probably already clocked the big news flashes from the NSA, CISA, and partners in the UK and Australia. Yep, Madhu Gottumukkala from CISA and Brett Leatherman from FBI were both out front warning that Chinese state-sponsored Advanced Persistent Threat (APT) actors—think Salt Typhoon, OPERATOR PANDA, and their galactic crew RedMike, UNC5807, and GhostEmperor—are going absolutely wild on global critical infrastructure. That means they’re going after telecom (again), government backbones, transport networks, lodging sectors, and even military systems. The biggest new attack vector uncovered this week? These Chinese teams are exploiting vulnerabilities in backbone routers—the big provider edge and customer edge routers that run the internet behind the scenes. If you’re in telecom, you’ve probably had a bad week. Notably, Salt Typhoon is back in headlines. According to BankInfoSecurity and BleepingComputer, they not only breached nine major U.S. telecoms and lifted text messages, voicemails, and law enforcement wiretap data, but last year they enjoyed a nine-month joyride inside the U.S. Army National Guard network, swiping admin credentials and config files. That’s not even counting their custom malware “JumbledPath” and penchant for GRE tunneling—basically highway banditry at scale. The outcome? Dead serious: the FCC is now making telecoms draft and certify real cyber risk management plans, so if you’re AT&T or Verizon, no snoozing allowed. Defensively, official U.S. government reactions have been punchy. The NSA, CISA, and the FBI jointly dropped shiny new mitigation guidance. They want you patching all known exploited vulnerabilities ASAP, enabling centralized logging, securing edge infrastructure, and—especially for critical infrastructure pros—threat hunting with extreme prejudice. And as CISA’s advisory keeps saying, don’t just fix things quietly; build resilience and report intrusions to keep the intelligence flowing. On the industry front, Google’s Threat Intelligence Group—Sandra Joyce—previewed their new “disruption unit,” focused on legal and ethical disruption of cyberattacks. The mood in the sector is shifting from “play defense” to “go proactive,” with some experts advocating for more aggressive disruption, even if it means crossing into “active defense” (think honeypots and campaign takedowns) and maybe a little bit of hack-back territory. China’s official response? As tracked by the UK’s NCSC and international allies, silence—pending, at least publicly—but there’s no shortage of This content was created in partnership and with the help of Artificial Intelligence AI.
NOW PLAYING
Salty Dragons Gone Wild: China's Cyber Goons Hack the Planet
No transcript for this episode yet
Similar Episodes
No similar episodes found.
Similar Podcasts
No similar podcasts found.