Cyber Secrets Exposed: China's Hacking Horrors Revealed!
Update: 2025-12-29
Description
This is your Digital Dragon Watch: Weekly China Cyber Alert podcast.
Hey listeners, Ting here with your Digital Dragon Watch. This past week has been absolutely wild in the China cyber sphere, so let's dive straight in.
First up, we've got a DNS poisoning campaign that's been making waves. The advanced persistent threat group Evasive Panda has been launching highly targeted cyber espionage attacks using DNS poisoning to deliver their signature MgBot backdoor. They're going after victims across Türkiye, China, and India. This isn't your garden variety phishing attempt either. These folks are sophisticated and patient, which is exactly the kind of behavior we've come to expect from state-linked threat actors.
But here's where it gets really interesting for American organizations. According to the House Homeland Security Committee, roughly seventy percent of cyberattacks in 2024 involved critical infrastructure. Chinese cyber espionage activity rose approximately one hundred fifty percent year over year, while attacks impacting financial services, manufacturing, and industrial sectors skyrocketed by roughly three hundred percent. We're talking about a massive uptick in aggression here.
The FBI and its partners disclosed back in August that Chinese state-sponsored hackers compromised at least two hundred organizations across eighty countries. The group known as Salt Typhoon had maintained access for extended periods, up to two years in some cases, inside networks of at least nine major U.S. telecommunications providers. They weren't just sitting there either. Joint warnings from CISA, the NSA, and the FBI made clear these actors had also been identified across transportation, energy, and water-related organizations.
Then there's the supply chain angle. According to DigiTimes, one of Apple's Chinese assembly partners got hit by a major cyberattack earlier this month that exposed sensitive production line information and manufacturing data. These aren't random attacks either. Chinese hacking groups are getting more strategic, more coordinated, and frankly more dangerous.
The Defense Department is taking this seriously. The Cybersecurity Maturity Model Certification deadline passed in November twenty twenty-five, and proof of compliance is now required for military contracts. Federal agencies need to be patching systems immediately, especially after critical vulnerabilities like the WatchGuard Firebox RCE flaw started getting actively exploited.
My recommendation? Treat your networks like you're living in a high threat environment because you are. Implement network segmentation, get your patching schedules locked down, and for goodness sake, monitor that DNS traffic. These threat actors are patient, well-funded, and getting smarter every single day.
Thanks for tuning in, listeners. Make sure you subscribe to stay on top of these threats. This has been a Quiet Please production. For more, check out Quiet Please dot ai.
For more http://www.quietplease.ai
This content was created in partnership and with the help of Artificial Intelligence (AI).