Saturday, Mar 08, 2025
U.S. Lawmakers Press Chinese Telecom Giants Over National Security Risks
Bottom Line Up Front (BLUF): U.S. lawmakers have demanded answers from China Mobile, China Telecom, and China Unicom about their ties to the Chinese military and government, citing national security threats. The bipartisan inquiry follows concerns that these firms may facilitate espionage or cyber sabotage through their cloud and internet operations in the U.S. The companies have until March 31 to respond.
Analyst Comments: While the FCC has already revoked these firms’ telecom licenses, their continued operation in cloud services and internet traffic routing remains a loophole. Given past cyberattacks linked to China, such as Salt Typhoon and Volt Typhoon, lawmakers are likely to push for broader restrictions. However, completely eliminating Chinese tech influence in U.S. infrastructure may prove challenging, as American businesses remain deeply integrated with global supply chains.
FROM THE MEDIA: U.S. Representatives Raja Krishnamoorthi and John Moolenaar sent letters to China’s top telecom firms demanding transparency about their links to Beijing. Citing a 2024 Commerce Department investigation, they warned that these companies could exploit their access to U.S. internet infrastructure for espionage. The concerns stem from a history of cyber threats attributed to China, including the Salt Typhoon hack, which compromised sensitive American telecom data. The lawmakers noted that while the FCC previously blocked these firms from offering telecom services, they still provide cloud computing and internet backbone services, posing a potential security risk. China has denied involvement in cyberattacks, but U.S. authorities remain cautious.
READ THE STORY: The Straits Times
Two U.S. Army Soldiers and Veteran Charged with Selling Military Secrets to China
Bottom Line Up Front (BLUF): Two active-duty U.S. Army soldiers and a former soldier have been arrested and charged with espionage for allegedly selling classified military information to Chinese agents. The Department of Justice (DOJ) revealed that Sgt. Jian Zhao, 1st Lt. Li Tian, and former soldier Ruoyu Duan were involved in a scheme to transmit sensitive U.S. military data, including details on combat vehicles, HIMARS rocket systems, and encrypted military computers, in exchange for over $50,000. The alleged espionage occurred between 2021 and 2024, with transactions conducted via encrypted messaging and digital payment platforms linked to China.
Analyst Comments: This case highlights the growing threat of insider espionage within the U.S. military and the effectiveness of China’s recruitment efforts targeting military personnel. The use of encrypted communication platforms and digital payments reflects a sophisticated operational approach by foreign intelligence services. The involvement of an active-duty officer (Tian) and a logistics specialist (Zhao) suggests that Chinese intelligence operatives target personnel with strategic access to supply chains, equipment, and tactical planning documents. These arrests should serve as a wake-up call for enhanced counterintelligence training, monitoring of financial transactions, and stricter cybersecurity measures within the military.
FROM THE MEDIA: The DOJ announced that Sgt. Jian Zhao, Lt. Li Tian, and former soldier Ruoyu Duan had been charged with conspiring to transmit national defense information, bribery, and theft of government property. According to court documents, Zhao, a supply sergeant for the 17th Field Artillery Brigade at Joint Base Lewis-McChord (JBLM), Washington, allegedly stole 20 encrypted hard drives, classified training manuals, and information on U.S. military drills in the Indo-Pacific region, selling the materials for $15,000 through encrypted messaging apps. Tian, a health services officer at JBLM, was responsible for obtaining classified data on Bradley and Stryker armored fighting vehicles, which he allegedly transferred via personal email and cloud storage before selling to Duan for $500. Duan, a former Army soldier from 2013 to 2017, acted as a middleman, receiving $38,500 from China-linked PayPal accounts and $14,600 from Zelle transactions.
READ THE STORY: TP // The Record
U.S. Weighs Easing Russia Energy Sanctions If Ukraine War Ends
Bottom Line Up Front (BLUF): The U.S. government is exploring options to swiftly lift sanctions on Russia’s energy sector if Moscow agrees to end the Ukraine war. The White House has directed the Treasury Department to prepare plans for rolling back restrictions on Russian oil and gas ahead of potential peace talks between Presidents Trump and Putin. However, Trump has also warned of harsher sanctions if Russia delays negotiations.
Analyst Comments: While sanctions have curbed Russia’s war financing, they have also disrupted global energy markets. Preparing for rapid de-escalation signals that the U.S. wants leverage in peace talks, but it also risks sending mixed signals to allies, particularly in Europe, which has sought long-term energy independence from Russia. Additionally, lifting restrictions could lower global oil prices, impacting U.S. energy exports. The challenge will be balancing diplomatic pressure on Russia while maintaining credibility in sanction enforcement.
FROM THE MEDIA: Reuters reported that the White House has tasked the Treasury Department with identifying ways to ease sanctions on Russia’s energy sector in case of a peace agreement. Since the invasion of Ukraine, Russia’s oil exports have been capped at $60 per barrel, limiting its revenue. The U.S. has also led efforts to restrict Russian financial networks. Trump, who plans to meet Putin in Saudi Arabia for peace talks, has suggested that sanction relief will be a key bargaining chip. However, after a recent Russian attack on Ukraine’s energy infrastructure, Trump also threatened new large-scale sanctions if Russia stalls negotiations. The Treasury is also reviewing how lifting sanctions could affect global oil prices and energy trade flows, particularly as Europe shifts away from Russian supplies.
READ THE STORY: Reuters
Could Eutelsat Replace Starlink in Ukraine’s War Effort?
Bottom Line Up Front (BLUF): With concerns that Ukraine may lose access to SpaceX’s Starlink, European satellite operator Eutelsat is emerging as a possible alternative. Following a dispute between U.S. and Ukrainian leaders, Eutelsat has confirmed discussions with the EU about expanding its services to Ukraine. However, Eutelsat’s capabilities, pricing, and infrastructure differ significantly from Starlink, raising questions about its viability as a complete replacement.
Analyst Comments: Starlink has been essential for Ukraine’s military communications, particularly in frontline areas where traditional infrastructure is compromised. While Eutelsat's OneWeb satellite network provides an alternative, its higher costs and smaller satellite constellation may limit its effectiveness. Additionally, geopolitical factors—including the influence of France and Britain, which hold a stake in Eutelsat—could affect long-term service commitments. If Starlink access is restricted, Ukraine may need a mix of satellite providers rather than a single replacement, highlighting the broader strategic role of satellite communications in modern warfare.
FROM THE MEDIA: Reuters reported that Eutelsat is in talks with the EU about increasing its satellite services to Ukraine amid uncertainty over Starlink’s future availability. Starlink has been crucial for Ukraine’s military and civilian communications, particularly following extensive damage to traditional infrastructure. While Eutelsat’s OneWeb network has 630 low-earth orbit (LEO) satellites and additional geostationary satellites, it lags behind Starlink’s 7,000+ satellites in coverage and speed. OneWeb’s terminals are also significantly more expensive, costing up to $10,000 compared to Starlink’s $589 per unit. France and Britain, which jointly own nearly 25% of Eutelsat, may influence funding decisions for Ukraine’s access to OneWeb. Other satellite providers, including Luxembourg-based SES and EU-backed initiatives like IRIS², are potential future options but remain years away from full deployment.
READ THE STORY: Reuters
Canada Warns of AI-Driven Election Interference by Foreign Actors
Bottom Line Up Front (BLUF): Canada’s Communications Security Establishment (CSE) has warned about the growing threat of AI-powered election interference. A new report highlights that generative AI has been used in at least 102 cases to influence 41 global elections between 2023 and 2024. While the integrity of Canada’s democratic process is unlikely to be fundamentally undermined, the report warns of increasing disinformation, AI-powered phishing, and deepfake attacks—primarily linked to China and Russia.
Analyst Comments: AI is rapidly transforming election interference tactics, making disinformation campaigns more sophisticated and scalable. The combination of stolen voter data, AI-generated content, and targeted social engineering attacks presents a significant challenge for democracies. China’s focus on mass data collection gives it a strategic advantage in crafting tailored influence operations, while Russia’s history of election meddling suggests continued engagement. Although Canada’s paper-based voting system reduces direct cyber threats to ballots, AI-powered disinformation and phishing attempts against politicians, election officials, and the public could still shape electoral outcomes.
FROM THE MEDIA: CSE released an updated report detailing the growing role of AI in election interference. The report found that AI-driven disinformation campaigns have surged, with 60 cases of AI-generated synthetic disinformation and 34 AI-enabled botnet operations affecting elections worldwide. China, Russia, and Iran are cited as key actors using AI to amplify propaganda and collect voter data. The report also highlights the use of AI to create deepfake pornography targeting female politicians, potentially deterring democratic participation. While large-scale cyberattacks on Canada’s election infrastructure remain unlikely, AI-enhanced cyber threats against politicians and electoral institutions are expected to rise.
READ THE STORY: The Record
International Law Enforcement Seizes Russian Crypto Exchange Garantex
Bottom Line Up Front (BLUF): A coalition of international law enforcement agencies has taken down Garantex, a Russian cryptocurrency exchange heavily used by cybercriminals for money laundering. The U.S. Secret Service, Europol, the FBI, and other agencies seized the exchange’s domains following sanctions imposed by the U.S. in 2022 and the European Union in February 2025. U.S. prosecutors have also charged two alleged administrators of the exchange.
Analyst Comments: The takedown of Garantex is part of a broader global crackdown on illicit financial networks enabling cybercrime, particularly ransomware operations. This action mirrors previous enforcement against Hydra Market and follows a pattern of targeting financial enablers rather than just individual threat actors. While this seizure will disrupt cybercriminals’ operations, history suggests they will migrate to alternative platforms or develop new laundering techniques. The long-term impact of this action will depend on sustained enforcement and international cooperation.
FROM THE MEDIA: The operation was coordinated with multiple law enforcement agencies, including the FBI, Europol, and authorities from Germany, the Netherlands, Finland, and Estonia. Garantex had been sanctioned by the U.S. Treasury in 2022 for laundering over $100 million, including funds linked to the Russian ransomware group Conti and the now-defunct Hydra darknet marketplace. The European Union followed suit with sanctions in February 2025, citing Garantex’s role in helping Russian banks evade restrictions. Following the exchange’s takedown, U.S. prosecutors have now charged two individuals accused of administering the platform.
READ THE STORY: The Register
China Retaliates Against Canada with New Agricultural Tariffs
Bottom Line Up Front (BLUF): China has announced tariffs on $2.6 billion worth of Canadian agricultural and food products, including a 100% tariff on rapeseed oil and a 25% tariff on pork and seafood. The move is in direct retaliation for Canada’s 2024 tariffs on Chinese electric vehicles and steel. While China has excluded canola—one of Canada’s top exports—the move signals a warning amid ongoing trade tensions driven by U.S. protectionist policies.
Analyst Comments: This latest escalation reflects the broader trade war dynamics involving China, Canada, and the U.S. Beijing’s exclusion of canola from the tariffs suggests room for negotiation, possibly leveraging Canada’s upcoming elections as an opportunity for a diplomatic reset. However, the retaliation aligns with China’s strategy of targeting politically sensitive industries, as seen in past disputes with Australia. If tensions persist, Canadian exporters may face long-term disruptions, pushing Canada to seek alternative markets.
FROM THE MEDIA: China’s Ministry of Commerce announced retaliatory tariffs on key Canadian agricultural products, set to take effect on March 20. The new levies mirror Canada’s October 2024 tariffs on Chinese-made EVs and steel. Analysts suggest China’s response was delayed due to ongoing disputes with the U.S. and EU, but it serves as a clear warning against Canada’s alignment with American trade policies. Despite targeting rapeseed oil, pork, and seafood, China notably omitted canola, leaving space for future negotiations. Canada’s government has not responded officially, but trade experts believe Beijing may use the upcoming Canadian elections as leverage for future trade talks.
READ THE STORY: Reuters
Axiom Space and Red Hat to Deploy Edge Computing on the ISS
Bottom Line Up Front (BLUF): Axiom Space is launching its Data Center Unit-1 (AxDCU-1) to the International Space Station (ISS) in Spring 2025, running Red Hat Device Edge. This initiative will test cloud computing, AI/ML applications, data fusion, and space cybersecurity in orbit. AxDCU-1 will be a stepping stone toward Axiom’s long-term vision of an Orbital Data Center (ODC).
Analyst Comments: The push for edge computing in space is driven by the need for faster data processing and reduced reliance on Earth-based networks. While HPE and ESA have already tested space computing, Axiom’s collaboration with Red Hat signals a broader move toward commercialized in-orbit cloud computing. This could pave the way for real-time AI-driven decision-making in space missions, enhanced cybersecurity for orbital assets, and better handling of deep-space exploration data. However, hardware resilience, latency issues, and cybersecurity challenges remain key hurdles for widespread adoption.
FROM THE MEDIA: Axiom’s AxDCU-1, a shoebox-sized computing node, will operate aboard the ISS for at least two years. The system will support ground-to-space and space-to-space communications while running Red Hat Device Edge, which integrates Red Hat Enterprise Linux, Ansible, and MicroShift (a Kubernetes-based platform). This follows previous HPE Spaceborne computers and ESA’s Raspberry Pi AstroPi experiments, positioning AxDCU-1 as a mid-tier solution. The launch timeline is uncertain, as potential delays may arise from NASA’s shifting cargo manifest and damage to the Cygnus Cargo Module for a June 2025 resupply mission.
READ THE STORY: The Register
Cobalt Strike Abuse Drops 80% Following Global Crackdown
Bottom Line Up Front (BLUF): The malicious use of unauthorized copies of Cobalt Strike has decreased by 80% over the past two years, thanks to coordinated efforts by Fortra, Microsoft, and law enforcement agencies worldwide. The operation, codenamed "Morpheus," led to the takedown of 593 illicit servers and the seizure of over 200 malicious domains. This effort has significantly reduced cybercriminals' ability to deploy Cobalt Strike in ransomware and espionage campaigns.
Analyst Comments: The decline in unauthorized Cobalt Strike usage is a significant success in disrupting cybercriminal infrastructure. By targeting command-and-control (C2) servers and blocking illicit versions of the tool, authorities have effectively limited a key weapon used by ransomware groups and nation-state actors. However, adversaries will likely pivot to alternative tools like Brute Ratel or homegrown frameworks to evade detection. Collaboration between cybersecurity firms and law enforcement will be critical in maintaining this momentum.
FROM THE MEDIA: Fortra, which owns Cobalt Strike, announced in March of 2025 that its multi-year crackdown—launched in 2023 with Microsoft and Health-ISAC—has dramatically curtailed the use of pirated copies. The operation, led by the UK’s National Crime Agency and supported by law enforcement in the U.S., Canada, Germany, and other nations, identified and disrupted nearly 700 malicious IP addresses. Microsoft has previously linked cracked versions of Cobalt Strike to cyber operations from Russia, China, Vietnam, and Iran. The initiative also reduced the average time it takes to shut down malicious servers to less than one week in the U.S. and two weeks globally.
READ THE STORY: The Record
Broadcom Reports Strong Growth Post-VMware Acquisition, AI Expansion
Bottom Line Up Front (BLUF): Broadcom’s VMware acquisition is paying off, with 70% of its largest customers adopting the pricey VMware Cloud Foundation (VCF) bundle. The company reported a 25% revenue increase for Q1 2025, primarily driven by its new subscription model. Meanwhile, Broadcom is deepening its AI push, securing more hyperscaler deals for custom AI accelerators and advancing next-gen chip technology.
Analyst Comments: Bundling VMware products under higher-cost subscriptions has significantly boosted revenue, though it risks alienating long-time customers. While some enterprises are migrating away from VMware, Broadcom’s aggressive pricing model is offsetting those losses. On the AI front, Broadcom’s growing role in hyperscaler infrastructure suggests a shift toward competing with Nvidia in high-performance AI hardware. The company’s long-term success will depend on maintaining VMware customer loyalty while capitalizing on the AI boom.
FROM THE MEDIA: Broadcom’s infrastructure software unit, now encompassing VMware, saw revenue jump to $6.7 billion. CEO Hock Tan credited much of the growth to the strong adoption of VMware Cloud Foundation, which has been bundled into subscription-based plans. In parallel, Broadcom’s AI semiconductor business brought in $4.1 billion—up 77%—as it expanded its partnerships with hyperscalers for custom AI accelerators. The company is developing 2nm AI chips and Ethernet-based million-accelerator clusters by 2027. Despite strong earnings, Broadcom’s stock remains down 25% for the year due to AI market shifts and potential U.S. trade tariffs.
READ THE STORY: The Register
White House Cyber Office Gains Power Under Second Trump Administration
Bottom Line Up Front (BLUF): The Office of the National Cyber Director (ONCD) is expected to take on a more influential role in shaping U.S. cybersecurity policy under President Trump’s second term. Sean Cairncross, a close political ally of Trump, has been nominated to lead ONCD, signaling a shift in power from the National Security Council (NSC). The administration is also prioritizing offensive cyber operations, with experts predicting more aggressive actions against adversaries.
Analyst Comments: ONCD’s rise reflects a broader restructuring of U.S. cyber policy, consolidating decision-making power within the executive branch. Unlike the Biden administration, which relied heavily on the NSC, Trump’s team appears set on giving ONCD a stronger role in setting cyber priorities and reducing regulatory burdens on private industry. While this could streamline cybersecurity efforts, Cairncross’s lack of direct cyber experience raises concerns about whether the office will focus more on political strategy than technical expertise. Additionally, a shift toward more offensive cyber operations could increase geopolitical tensions, particularly with China and Russia.
FROM THE MEDIA: Cairncross, a longtime Trump ally, is expected to be confirmed by the Senate and will oversee coordination between agencies like CISA, the NSA, and the NSC. Under the Biden administration, cyber policy was largely managed by NSC’s Anne Neuberger, whose role was eliminated by Trump. The shift in leadership also aligns with National Security Adviser Michael Waltz’s push for stronger offensive cyber operations. Observers note that ONCD will work to streamline cybersecurity regulations and enhance coordination across government agencies.
READ THE STORY: The Record
Eric Schmidt Warns Against U.S. AI ‘Manhattan Project’ Amid Global AI Arms Race
Bottom Line Up Front (BLUF): Former Google CEO Eric Schmidt and co-authors caution that a U.S.-led AI “Manhattan Project” could trigger preemptive cyberattacks from rivals like China. Their paper, Superintelligence Strategy, compares AI to nuclear weapons and warns of a scenario they call "Mutual Assured AI Malfunction" (MAIM), where nations engage in sabotage rather than accept AI dominance by a single power. The authors advocate for AI deterrence strategies rather than a reckless pursuit of superintelligence.
Analyst Comments: Schmidt’s argument highlights growing concerns about the geopolitical risks of AI supremacy. The comparison to nuclear deterrence suggests that AI development may lead to destabilizing cyber conflicts rather than peaceful competition. While the paper presents alternative strategies—including global AI governance—it underestimates the likelihood that major powers will prioritize technological dominance over cooperation. The reality is that both the U.S. and China are already deeply invested in AI militarization, making a true global AI arms control agreement unlikely.
FROM THE MEDIA: Schmidt’s paper, co-authored with Dan Hendrycks of the Center for AI Safety and Alexandr Wang of Scale AI, warns that rapid AI advancements could destabilize global power dynamics. They argue that an AI superintelligence monopoly would provoke retaliatory sabotage from other nations, similar to Cold War nuclear deterrence. The paper critiques the U.S.-China Economic and Security Review Commission’s proposal for a government-funded AI research hub, warning that such an effort would likely escalate tensions rather than ensure U.S. security. Instead, the authors propose three alternative strategies: unrestricted AI development, a global AI moratorium, or an international AI consortium. However, they acknowledge that the U.S. is more likely to take a hands-off approach, allowing private industry to drive AI innovation without significant regulation.
READ THE STORY: The Register
Items of interest
U.S. Re-Designates Houthis as a Foreign Terrorist Organization
Bottom Line Up Front (BLUF): The U.S. has officially re-designated Yemen’s Iran-backed Houthi militia as a Foreign Terrorist Organization (FTO), reversing a 2021 decision by the Biden administration. This move follows continued Houthi attacks on U.S. and allied forces, as well as disruptions to global shipping in the Red Sea. The designation imposes stricter sanctions and legal penalties on entities providing material support to the group.
Analyst Comments: The Houthis’ targeting of international shipping, U.S. military assets, and Israeli territory has heightened tensions in the Middle East. The re-designation could increase financial and logistical pressure on the group, but it may also escalate hostilities, drawing the U.S. further into the regional conflict. Whether this move effectively curtails Houthi aggression or provokes further escalation remains to be seen.
FROM THE MEDIA: The Trump administration reinstated the Houthis as a Foreign Terrorist Organization, citing their ongoing attacks on U.S. and allied interests. This follows their use of Iranian-supplied missiles and drones to strike Israeli and U.S. targets, as well as their blockade of Red Sea trade routes, which caused global shipping disruptions and increased costs. Secretary of State Marco Rubio highlighted intelligence indicating the Houthis are selectively targeting U.S. and allied vessels while sparing Chinese-flagged ships. The decision also comes as the U.N. suspended aid to Houthi-controlled areas after militants took humanitarian workers hostage in January. The administration has hinted at stronger military responses if the group continues its aggression.
READ THE STORY: WSJ
US Redesignates Houthi Rebels as Terrorist Group (Video)
FROM THE MEDIA: The U.S. military carried out an attack against missile launch sites inside Houthi-controlled areas of Yemen after a Houthi attack late Wednesday that damaged a U.S.-owned commercial ship sailing in the Gulf of Aden. The attacks came as the United States redesignated Yemen’s Iranian-backed Houthi rebels as a global terrorist organization following weeks of missile and drone attacks on international shipping in the Red Sea and the Gulf. But as VOA Pentagon correspondent Carla Babb reports, critics remain concerned about Iran’s increasing aggression in the region.
Donald Trump News | Trump Redesignates Iran-Backed Houthi Rebels As Foreign Terrorist Organization (Video)
FROM THE MEDIA: US President Donald Trump signed an executive order to designate once again Yemen's Iran-backed Huthi rebels a "foreign terrorist organization," the White House announced Wednesday.
The selected stories cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not endorse any third-party claims made in its original material or related links on its sites; the opinions expressed by third parties are theirs alone. For further questions, please contact InfoDom Securities at dominanceinformation@gmail.com.