Silk Typhoon Hackers Run Wild as Chinas Great Firewall Glitches Out episode artwork

EPISODE · Aug 22, 2025 · 5 MIN

Silk Typhoon Hackers Run Wild as Chinas Great Firewall Glitches Out

from Digital Dragon Watch: Weekly China Cyber Alert · host Inception Point AI

This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Listeners, Ting here on your Digital Dragon Watch, and if you thought China cyber news was going to slow down in late August, strap in because the virtual fireworks sparked, crashed, and detonated across cyberspace this week. Let’s get right to the biggest headline: For an electrifying 74 minutes on August 20, the Great Firewall of China went rogue and blocked all TCP port 443 traffic—yes, that’s HTTPS, the security protocol for pretty much every modern website. Overnight, China’s internet was nearly cut off from the rest of the world. Apple services, Tesla’s cloud, and countless international systems went dark for Chinese users. The kicker? Researchers from the Great Firewall Report team found strange device fingerprints that didn’t match any known parts of the Firewall. Was this a wild test run, or a government oops? It could have been a trial for blocking connections on demand or just a misconfigured upgrade that got quickly reversed. The mystery lingers like yesterday’s takeout, with security analysts speculating and Beijing silent. But that Firewall glitch isn’t all. This week’s real cyber dragon is Silk Typhoon—also known as Murky Panda—China’s state-linked hacker set running wild through North American cloud environments. CrowdStrike and The Hacker News tracked these folks breaking into cloud providers and abusing trusted SaaS relationships to leak into downstream customer networks. Their tactics? Weaponizing both zero-day and n-day flaws—think Citrix NetScaler (CVE-2023-3519) and Commvault (CVE-2025-3928). Once inside, they drop webshells like Neo-reGeorg and stealthy Linux malware called CloudedHope. Oh, and they’re hijacking small office/home office routers geolocated inside target countries to make attacks look local. Government agencies, tech firms, academic and legal services—you’re all dancing on their hit list this week. CrowdStrike’s Adam Meyers flags the worrying new attack vector: Silk Typhoon burrowing into cloud identity infrastructure, especially Entra ID service principals and delegated admin access. That means your supposedly trusted cloud relationships are now the launchpad for attackers, not just a juicy target. What has the US government done in response? Several fronts are active. The FBI joined CISA, NSA, and DC3 to put a flashlight on the surge in cyber operations, especially espionage. Their Salt Typhoon attribution campaign shows international teamwork is now essential—it’s not just about defending the perimeter, but sharing intelligence globally. There’s also a tidal wave of investment—the cybersecurity industry is projected to smash $212 billion in spending by the year’s end, with defense contractors and healthcare firms scrambling to integrate zero-trust architectures and AI-driven threat detection. If your company hasn’t set up a cyber incident response playbook, you’re playing Russian roulette with ransomware and supply chain attacks. The This content was created in partnership and with the help of Artificial Intelligence AI.

This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Listeners, Ting here on your Digital Dragon Watch, and if you thought China cyber news was going to slow down in late August, strap in because the virtual fireworks sparked, crashed, and detonated across cyberspace this week. Let’s get right to the biggest headline: For an electrifying 74 minutes on August 20, the Great Firewall of China went rogue and blocked all TCP port 443 traffic—yes, that’s HTTPS, the security protocol for pretty much every modern website. Overnight, China’s internet was nearly cut off from the rest of the world. Apple services, Tesla’s cloud, and countless international systems went dark for Chinese users. The kicker? Researchers from the Great Firewall Report team found strange device fingerprints that didn’t match any known parts of the Firewall. Was this a wild test run, or a government oops? It could have been a trial for blocking connections on demand or just a misconfigured upgrade that got quickly reversed. The mystery lingers like yesterday’s takeout, with security analysts speculating and Beijing silent. But that Firewall glitch isn’t all. This week’s real cyber dragon is Silk Typhoon—also known as Murky Panda—China’s state-linked hacker set running wild through North American cloud environments. CrowdStrike and The Hacker News tracked these folks breaking into cloud providers and abusing trusted SaaS relationships to leak into downstream customer networks. Their tactics? Weaponizing both zero-day and n-day flaws—think Citrix NetScaler (CVE-2023-3519) and Commvault (CVE-2025-3928). Once inside, they drop webshells like Neo-reGeorg and stealthy Linux malware called CloudedHope. Oh, and they’re hijacking small office/home office routers geolocated inside target countries to make attacks look local. Government agencies, tech firms, academic and legal services—you’re all dancing on their hit list this week. CrowdStrike’s Adam Meyers flags the worrying new attack vector: Silk Typhoon burrowing into cloud identity infrastructure, especially Entra ID service principals and delegated admin access. That means your supposedly trusted cloud relationships are now the launchpad for attackers, not just a juicy target. What has the US government done in response? Several fronts are active. The FBI joined CISA, NSA, and DC3 to put a flashlight on the surge in cyber operations, especially espionage. Their Salt Typhoon attribution campaign shows international teamwork is now essential—it’s not just about defending the perimeter, but sharing intelligence globally. There’s also a tidal wave of investment—the cybersecurity industry is projected to smash $212 billion in spending by the year’s end, with defense contractors and healthcare firms scrambling to integrate zero-trust architectures and AI-driven threat detection. If your company hasn’t set up a cyber incident response playbook, you’re playing Russian roulette with ransomware and supply chain attacks. The This content was created in partnership and with the help of Artificial Intelligence AI.

NOW PLAYING

Silk Typhoon Hackers Run Wild as Chinas Great Firewall Glitches Out

0:00 5:06

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

No similar episodes found.

No similar podcasts found.

Frequently Asked Questions

How long is this episode of Digital Dragon Watch: Weekly China Cyber Alert?

This episode is 5 minutes long.

When was this Digital Dragon Watch: Weekly China Cyber Alert episode published?

This episode was published on August 22, 2025.

What is this episode about?

This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Listeners, Ting here on your Digital Dragon Watch, and if you thought China cyber news was going to slow down in late August, strap in because the virtual fireworks sparked,...

Can I download this Digital Dragon Watch: Weekly China Cyber Alert episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!