Risky Bulletin Srsly Risky Biz: The West's tepid China deterrence is not working
Jul 31, 2025
The discussion kicks off with a deep dive into the recent exploitation of SharePoint, drawing parallels to past Microsoft Exchange vulnerabilities. Experts emphasize the lack of effectiveness in deterring Chinese cyber threats. They explore the complexities of outsourcing IT services, showcasing a lawsuit that highlights security risks. The conversation also critiques the U.S. government's reliance on foreign contractors for cloud support, raising alarms about national security implications. A fresh approach in cybersecurity strategies is clearly needed!
AI Snips
Chapters
Transcript
Episode notes
Repeated Microsoft Exploit Patterns
- Recent exploitation of Microsoft SharePoint vulnerabilities repeats the 2021 Microsoft Exchange hack pattern exactly.
- This shows that international condemnation failed to deter Chinese hackers from similar cyberattacks.
Focus Cyber Offense Strategically
- Offensive cyber operations should focus on disrupting major Chinese campaigns, not just retaliating for specific incidents.
- Target ongoing strategic threats like Salt Typhoon and Vault Typhoon to better deter cyberattacks.
Outsourced Help Desk Mishap
- Clorox's lawsuit alleges their outsourced help desk gave passwords and reset MFA for hackers.
- This highlights risks and conflicting incentives when outsourcing critical IT support services.