You have to think a lot broader, think outside the box a bit. E.g. when the search app can’t reach the Chinese servers it goes looking for other servers, in other countries, forming a mesh to other devices nearby if necessary, looking for devices with VPNs already configured that can get out. This could be broadly deployed before any oopses, and could be triggered by any number of other means as well. You could suborn the entire network in time, randomize the unfiltered access based on any number of factors, (age of device, presence of other apps etc), fly under the radar for a long time while gradually increasing the frequency and range of allowed devices. Eventually it would be spotted of course, but by then the “damage” would be done. (Hope some Google engineers are taking notes here, lol!)
