From SharePoint Hacks to Space Lasers: China's Cyber Moves Leave US Scrambling

This is your Tech Shield: US vs China Updates podcast.

Hey listeners, Ting here, and you’ve officially logged on for a cyber adventure hotter than a Shanghai server room in July! Let’s jump straight into this week’s top chapter in the never-ending US versus China cyber saga, where the battleground is shifting, the hacks are multi-layered, and even the tech is developing a personality of its own.

If you thought summer was supposed to be slow, try telling that to the folks at Microsoft. Since July kicked off, three state-affiliated Chinese hacking groups—Linen Typhoon, Violet Typhoon, and the mysteriously meteorological Storm-2603—have been exploiting fresh vulnerabilities in good ol’ Microsoft SharePoint. If you run SharePoint on-premises, you may already be sweating: the attacks sidestepped standard defenses and left more than 100 organizations globally exposed, including the US Department of Energy and, get this, the National Nuclear Security Administration. No nuclear secrets lost, but how’s that for a weekend scare?

Microsoft has pushed out rapid patches, but attackers keep juking defenses, sneaking back in by lifting authentication keys and impersonating users. Trend Micro even dropped a $100,000 prize on the Vietnamese cybersecurity researcher Dinh Ho Anh Khoa, who flagged the flaw at a hacker event, and Microsoft patched it by July 8. But within 48 hours, Chinese actors were back with workarounds. Microsoft just released a follow-up patch, so now we all wait and see: do defenses finally hold, or does the cat-and-mouse game continue?

Meanwhile, the Feds and tech giants are issuing advisories faster than you can say “zero day.” The FBI and CISA urge all agencies and businesses to not just patch up but migrate to cloud-based services and add robust, layered defenses. And if you’re still clinging to that on-prem SharePoint install, you are now officially in DEFCON Mode. Security teams are under pressure to monitor for credential theft and unusual logins; it’s not paranoia if they’re already inside.

Zooming out, the geopolitical shadowboxing is getting spicier. At the World Artificial Intelligence Conference in Shanghai, Premier Li Qiang called for a global AI “cooperation organization.” It’s positioned as a counterweight to the US, which just rolled out its own AI Action Plan and tightened the screws on chip exports. In short: the US says, “Let’s dominate with AI and keep our chips close,” while China replies, “How about a global party where everyone brings their own encryption?”

In space, China’s also been flexing. According to Asia Times, their new BGSe crystal for anti-satellite lasers could let them “dazzle” US space assets, as General Bradley Saltzman warned. The Pentagon is now racing to harden satellites, diversify ISR assets, and consider new non-kinetic countermeasures. Still, experts like Dennis Rice caution that the US’s focus on resilience over actual deterrence could leave gaps—America may be building better walls, but is it swinging a big enough stick to make adversaries think twice?

So, effectiveness check: Industry is reacting faster, federal advisories are everywhere, and vulnerability patching is in full sprint mode. But gaps remain—attackers are resourceful, rinse-and-repeat exploitation is common, and efforts to fully migrate to cloud or fortify against laser-fueled orbital mischief take time. Everyone from private sector CISOs to the Pentagon’s cyber commandos are learning that layered defense is a moving target and not everyone’s running at the same pace.

Thanks for tuning in, and if you want honest, expert takes with just the right amount of snark, make sure you subscribe so you never miss an episode. This has been a quiet please production, for more check out quiet please dot ai.

For more http://www.quietplease.ai


Get the best...