Hacker News

I don't quite understand the mechanism after reading the article. Is the attacker (presumably the PRC) MITM'ing these CDN resources at the infrastructure level? If they had exploits in place within these CDNs (presumably within the PRC's capabilities) HTTPS wouldn't help, no?


More than likely they placed a phone call to Baidu and told them exactly what to do. I doubt it's a technological MITM; probably just a social one. A totalitarian state can do that.


That's why probably null routing at ISP level is more likely. The time it takes to adapt to new defenses is much less than what it takes to come to an agreement in cabforum. When things escalate nobody will push vendors to agree on new security features when a blunt instrument like legislation is cheaper. If things escalate they'll just sinkhole all traffic going in and out of China.


The article says only HTTP traffic is affected. If they subverted Baidu at the server side, HTTPS traffic would likely be affected equally.


I understood it so that, if things escalate, what would stop them from simply serving malware from Baidu? If CN sees these actors as an attack on their freedom and autonomy to shape internal policy then they could easily justify this (at least to themselves).



