Risky Bulletin - Srsly Risky Biz: AI-Powered Espionage Will Favor China

Host: Amberly Jack
Guest: Tom Uren (Policy and Intelligence Editor)
Date: November 20, 2025

Episode Overview

This episode dives into three major cybersecurity topics:

1. Emergence of AI-powered espionage, with a focus on how its capabilities and operating style may provide advantages for Chinese threat actors;
2. Google’s latest legal maneuver against a Chinese phishing operation called “Lighthouse,” and what that means for disrupting cybercriminal infrastructure;
3. Progress in shifting Android development to memory-safe languages like Rust, and the major impact on software security.

Throughout, the conversation is analytical but lively, and leans on real-world impact demonstrated via recent cyber threat intelligence and news.

1. AI-Orchestrated Espionage: A New Real-World Threat

(00:44–13:41)

Key Discussion Points

• Anthropic’s Report:
  Tom explains how Anthropic recently uncovered an AI-orchestrated campaign targeting about 30 organizations. The campaign is attributed to a group supporting China's Ministry of State Security ([01:16]).

  “They created a framework where Claude was orchestrating a whole lot of different actions...by breaking it up and then bringing it back together, assessing the results and making a decision on what to do next.”
  — Tom Uren ([01:46])

• How AI (Claude) Was Utilized:

  • The attackers split up their campaigns into discreet, legitimate-sounding tasks to evade safeguards.

  • The AI performed complex operational tasks—compromising devices, lateral movement, and collecting valuable intelligence—while pausing for human managerial decisions (i.e., key junctures where risk acceptance or value assessment is required). ([02:48])

  • Operational Impact:

    • AI enabled roughly 80-90% automation, with the operator input only required for significant decisions.
    • This model lets a single operator manage about 10 campaigns at once—a “tenfold multiplication” ([04:30]).

    “If you’re running 10 operations at once and Claude screws up three of them, but you don’t care in particular about those three targets...it’s a numbers game.”
    — Tom Uren ([05:29])

• Why This Favors China:

  • China (and actors with broad, opportunistic targeting) benefit most since scale is more valuable to them than perfection; mistakes or “tipping off” a victim are less costly ([06:28]).

  • Western intelligence services focus on high-value, precision targets where mistakes are unacceptable—a model less compatible with this AI-driven approach.

    “Western governments tend to be much more focused on particular targets where it does matter. And what you want is a meticulous, well thought out operation. Having Claude just yolo, it doesn’t seem like a good deal…”
    — Tom Uren ([07:17])

• Standardization & Tooling:

  • AI frameworks can help quickly roll out new tactics and standard operating procedures to large numbers of less-experienced operators, quickly adapting to countermeasure changes ([07:53], [11:40]).

  • The initial campaign seemed like a “research project,” using open-source tools to minimize risk and test the orchestration framework ([09:46], [10:23]).

    “The innovation is in the framework rather than the tools that you use. So if we can string together a whole lot of open source tools and get some wins, that seems like a...really good start.” — Tom Uren ([10:13])

• Potential for North Korea:
  Tom suggests North Korea could also harness these AI orchestration tactics for their diverse cyber operations, such as IT worker scams ([08:55]).

2. Google vs. ‘Lighthouse’ – Legal Action as Cyber Disruption

(13:41–18:23)

Key Discussion Points

• Google’s Lawsuit:

  • Google filed a U.S. lawsuit against “Lighthouse,” a China-based phishing-as-a-service operation, even though the true identities were unknown ([13:41]).
  • Lighthouse is known for text-message phishing (“missed parcel” scams) that trick users into giving up credentials or authorizing their cards on fraudsters’ mobile wallets ([14:17]).

• Surprising Results:

  • Legal action forced Telegram to remove Lighthouse’s public channels, marking a rare compliance by the messaging platform ([15:23]).

  • Further disruptions included domain takedowns linked to the operation, representing tangible impacts.

    “The legal action was enough to get Telegram to kick them off the service, which...they used to never respond to legal request. And so there’s...a history behind that.”
    — Tom Uren ([15:23])

• Broader Strategy:

  • Tom frames this as the beginning of a wider disruption campaign by Google. The legal precedent helps other infrastructure providers justify swift takedowns.

  • It’s “whack-a-mole,” but now at least proactive.

    “There is no like killer blow that will get rid of them. This is the start of Whack a Mole, but at Least you’re playing whack a mole instead of...just not whacking them all.”
    — Tom Uren ([17:50])

3. Memory Safe Programming in Android: Rust’s Success

(18:23–20:46)

Key Discussion Points

• Ongoing Shift to Rust:
  Google has been steadily migrating Android code from C/C++ to Rust—a modern, memory-safe language ([18:39]).

• Key Benefits:

  • Sharp reduction in serious (“memory corruption”) vulnerabilities.

  • Code reviews and updates are happening faster, and mistakes requiring code rollbacks are fewer.

  • Evidence is mounting for memory-safe languages being a better choice for performance-critical software.

    “The number of memory safe vulnerabilities has just dropped drastically...it’s easier to basically review [Rust code]. And it turns out you’re also less likely to make a bad mistake...far fewer rollbacks if you’re writing in Rust.” — Tom Uren ([19:53])

• Industry Impact:
  The move underscores the tech industry’s growing commitment to making major platforms fundamentally safer at the core language level—a big positive for users.

Notable Quotes & Memorable Moments

• On AI democratizing espionage:
  “One person can now run 10 operations and they’re just making that management decisions at particular points...it’s a numbers game.” — Tom Uren ([04:30], [05:29])

• On Western vs Chinese approaches:
  “Western governments tend to be much more focused on particular targets where it does matter...Having Claude just yolo, it doesn’t seem like a good deal...” — Tom Uren ([07:17])

• On disruption, not defeat:
  “There is no like killer blow that will get rid of them. This is the start of Whack a Mole, but at least you’re playing whack a mole instead of...just not whacking them all.” — Tom Uren ([17:50])

• Ending on a rare positive cybersecurity note:
  “It doesn’t feel like often we end the show on what feels like a genuinely good note. So I think that’s a good place to call it, Tom.” — Amberly Jack ([20:46])

Segment Highlights & Timestamps

• AI-powered espionage and Anthropic report: [00:44–09:46]
• Why this model benefits China & other opportunists: [07:06–11:40]
• Tooling, standardization, and research context: [09:46–13:41]
• Google disrupts Lighthouse phishing ops: [13:41–18:23]
• Android’s shift to memory safe Rust: [18:23–20:46]

Conclusion

This episode delivers a nuanced look at how AI is reshaping state-sponsored cyber espionage, why this matters in the West vs. China rivalry, how legal innovation is having real effect on persistent cybercrime infrastructure, and why fundamental software decisions are quietly making a safer internet. The discussion is insightful, with practical and policy-level takeaways for practitioners and policymakers alike.