Salty Dragons Gone Wild: China's Cyber Goons Hack the Planet episode artwork

EPISODE · Aug 27, 2025 · 4 MIN

Salty Dragons Gone Wild: China's Cyber Goons Hack the Planet

from Digital Dragon Watch: Weekly China Cyber Alert · host Inception Point AI

This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Ting here, spinning up this week’s Digital Dragon Watch: Weekly China Cyber Alert—reporting from August 27, 2025, just as your firewalls are probably wondering what hit them. Let’s get right into the main event, because the last seven days have been packed with the sort of high drama only state-sponsored hackers with way too much caffeine and too many routers can deliver. First, you’ve probably already clocked the big news flashes from the NSA, CISA, and partners in the UK and Australia. Yep, Madhu Gottumukkala from CISA and Brett Leatherman from FBI were both out front warning that Chinese state-sponsored Advanced Persistent Threat (APT) actors—think Salt Typhoon, OPERATOR PANDA, and their galactic crew RedMike, UNC5807, and GhostEmperor—are going absolutely wild on global critical infrastructure. That means they’re going after telecom (again), government backbones, transport networks, lodging sectors, and even military systems. The biggest new attack vector uncovered this week? These Chinese teams are exploiting vulnerabilities in backbone routers—the big provider edge and customer edge routers that run the internet behind the scenes. If you’re in telecom, you’ve probably had a bad week. Notably, Salt Typhoon is back in headlines. According to BankInfoSecurity and BleepingComputer, they not only breached nine major U.S. telecoms and lifted text messages, voicemails, and law enforcement wiretap data, but last year they enjoyed a nine-month joyride inside the U.S. Army National Guard network, swiping admin credentials and config files. That’s not even counting their custom malware “JumbledPath” and penchant for GRE tunneling—basically highway banditry at scale. The outcome? Dead serious: the FCC is now making telecoms draft and certify real cyber risk management plans, so if you’re AT&T or Verizon, no snoozing allowed. Defensively, official U.S. government reactions have been punchy. The NSA, CISA, and the FBI jointly dropped shiny new mitigation guidance. They want you patching all known exploited vulnerabilities ASAP, enabling centralized logging, securing edge infrastructure, and—especially for critical infrastructure pros—threat hunting with extreme prejudice. And as CISA’s advisory keeps saying, don’t just fix things quietly; build resilience and report intrusions to keep the intelligence flowing. On the industry front, Google’s Threat Intelligence Group—Sandra Joyce—previewed their new “disruption unit,” focused on legal and ethical disruption of cyberattacks. The mood in the sector is shifting from “play defense” to “go proactive,” with some experts advocating for more aggressive disruption, even if it means crossing into “active defense” (think honeypots and campaign takedowns) and maybe a little bit of hack-back territory. China’s official response? As tracked by the UK’s NCSC and international allies, silence—pending, at least publicly—but there’s no shortage of This content was created in partnership and with the help of Artificial Intelligence AI.

This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Ting here, spinning up this week’s Digital Dragon Watch: Weekly China Cyber Alert—reporting from August 27, 2025, just as your firewalls are probably wondering what hit them. Let’s get right into the main event, because the last seven days have been packed with the sort of high drama only state-sponsored hackers with way too much caffeine and too many routers can deliver. First, you’ve probably already clocked the big news flashes from the NSA, CISA, and partners in the UK and Australia. Yep, Madhu Gottumukkala from CISA and Brett Leatherman from FBI were both out front warning that Chinese state-sponsored Advanced Persistent Threat (APT) actors—think Salt Typhoon, OPERATOR PANDA, and their galactic crew RedMike, UNC5807, and GhostEmperor—are going absolutely wild on global critical infrastructure. That means they’re going after telecom (again), government backbones, transport networks, lodging sectors, and even military systems. The biggest new attack vector uncovered this week? These Chinese teams are exploiting vulnerabilities in backbone routers—the big provider edge and customer edge routers that run the internet behind the scenes. If you’re in telecom, you’ve probably had a bad week. Notably, Salt Typhoon is back in headlines. According to BankInfoSecurity and BleepingComputer, they not only breached nine major U.S. telecoms and lifted text messages, voicemails, and law enforcement wiretap data, but last year they enjoyed a nine-month joyride inside the U.S. Army National Guard network, swiping admin credentials and config files. That’s not even counting their custom malware “JumbledPath” and penchant for GRE tunneling—basically highway banditry at scale. The outcome? Dead serious: the FCC is now making telecoms draft and certify real cyber risk management plans, so if you’re AT&T or Verizon, no snoozing allowed. Defensively, official U.S. government reactions have been punchy. The NSA, CISA, and the FBI jointly dropped shiny new mitigation guidance. They want you patching all known exploited vulnerabilities ASAP, enabling centralized logging, securing edge infrastructure, and—especially for critical infrastructure pros—threat hunting with extreme prejudice. And as CISA’s advisory keeps saying, don’t just fix things quietly; build resilience and report intrusions to keep the intelligence flowing. On the industry front, Google’s Threat Intelligence Group—Sandra Joyce—previewed their new “disruption unit,” focused on legal and ethical disruption of cyberattacks. The mood in the sector is shifting from “play defense” to “go proactive,” with some experts advocating for more aggressive disruption, even if it means crossing into “active defense” (think honeypots and campaign takedowns) and maybe a little bit of hack-back territory. China’s official response? As tracked by the UK’s NCSC and international allies, silence—pending, at least publicly—but there’s no shortage of This content was created in partnership and with the help of Artificial Intelligence AI.

NOW PLAYING

Salty Dragons Gone Wild: China's Cyber Goons Hack the Planet

0:00 4:14

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

No similar episodes found.

No similar podcasts found.

Frequently Asked Questions

How long is this episode of Digital Dragon Watch: Weekly China Cyber Alert?

This episode is 4 minutes long.

When was this Digital Dragon Watch: Weekly China Cyber Alert episode published?

This episode was published on August 27, 2025.

What is this episode about?

This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Ting here, spinning up this week’s Digital Dragon Watch: Weekly China Cyber Alert—reporting from August 27, 2025, just as your firewalls are probably wondering what hit them....

Can I download this Digital Dragon Watch: Weekly China Cyber Alert episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!