Identity Games, IoT Intrusions, and Guarding the Guard

From National Guard breaches to China’s cyber ID rollout—plus a malicious microwave?

The term “air gap” was coined in the 1970s—but even air-gapped systems have been compromised via printers, USB fans, and, yes, sound waves.

📬 This Week’s Clickables

  • 📌 Big News: National Guard breach & China’s cyber ID initiative

  • 🚨 Can’t Miss: Google sues botnet operators, maritime incident rules, Taiwan chip attacks, and malware via Teams

  • 🤖 AI in Cyber: Deepfake surge, SQLite zero-day blocked by AI, voice scam kidnappings, and AI trust divide

  • 🧪 Strange Cyber Story: The microwave that joined the hack

🚨 Big Stories

🧂 🌀 China-Linked “Salt Typhoon” Breach Hits U.S. National Guard Systems

Intro: A Chinese APT compromised National Guard systems across more than 70 state and local agencies—and went unnoticed for nearly a year.
What Happened: DHS revealed that the group “Salt Typhoon” breached administrative networks using stolen credentials and unpatched software. They accessed network diagrams, system configurations, and admin-level accounts in a campaign believed to date back to April.
Why It’s Important: The scope of this breach—spanning local, state, and federal networks—shows how soft state-level systems have become a new front in global cyber conflict.
The Other Side: Officials say the attackers likely sought information-gathering over disruption, but concerns remain about long-term persistence and lateral movement potential.
The Takeaway: States and NG units must upgrade incident detection and credential segmentation—“trusted” networks are not inherently secure.
TL;DR: The Guard got breached—now 70+ state agencies are playing cleanup.

👀 China Rolls Out “Voluntary” Cyber ID System Amid Privacy Fears

Intro: China has launched a national cyber ID program—voluntary on paper, but critics aren’t buying it.
What Happened: Chinese citizens and businesses can now register for a state-issued cyber identity token, supposedly to “simplify authentication” and reduce online fraud. However, the system also consolidates activity logs, personal identifiers, and access histories under a centralized state framework.
Why It’s Important: While touted as voluntary, the ID is already being “encouraged” for access to online services, public forums, and digital commerce. Civil society groups warn of future mandates, content control, and deep state surveillance.
The Other Side: Beijing says this will “increase digital trust” and prevent cybercrime—but has refused to clarify data retention or third-party access.
The Takeaway: Cyber IDs are coming globally—but China’s rollout shows how privacy can be rewritten in policy gray zones.
TL;DR: China’s new cyber ID system may simplify logins—but it could supercharge surveillance.

🔥 Can’t Miss

  • 📱 Google Sues Operators of BADBOX 2.0 Botnet – The botnet infected over 10M Android devices via pre-installed malware on uncertified phones.
    👉️ Takeaway: Mobile supply chain risks are growing—stick to certified hardware.

  • 🛳️ U.S. Coast Guard Cyber Rule Now in Effect – Maritime operators must now report cyber incidents to the National Response Center.
    👉️ Takeaway: Maritime orgs—start building your response framework. Deadline: Jan 2027.

  • 🧬 China Steps Up Attacks on Taiwan’s Chip Sector – Semiconductor firms across Taiwan report coordinated intrusions, with geopolitical tension rising.
    👉️ Takeaway: If you’re in semiconductors or supply chain security—monitor escalation paths closely.

  • 💬 Hackers Use Microsoft Teams to Deploy DarkGate Malware – Threat actors are now sending malware payloads directly through Microsoft Teams chats using malicious file lures.
    👉️ Takeaway: Review your Teams file-sharing policies—collaboration is now a threat surface.

🤖 AI in Cyber

🧟‍♂️ Strange Cyber

📶 The Microwave That Hacked Back

Intro: This is why your IT team keeps asking about “rogue IoT.”
What Happened: A small marketing firm in D.C. discovered that a compromised smart microwave had been silently beaconing on their guest network. Eventually, it flashed a message on its display: “System Breached – Check Firewall.” The message coincided with suspicious traffic from four connected IoT printers.
Why It’s Important: This wasn’t a prank—it was part of a coordinated IoT hijack that used smart devices to spread malware across the internal Wi-Fi mesh.
The Other Side: Researchers say the attack was likely opportunistic—not targeted—but still bypassed the firm’s EDR systems.
The Takeaway: If it’s connected, it’s vulnerable. Segment your networks, disable nonessential IoT features, and monitor beaconing traffic.
TL;DR: A hacked microwave issued the breach alert—because no one else noticed.
