Attacked by CCP Cyber Army, Taiwan Government Information Security Being Shored Up

By Yunyun Huang
Yunyun Huang
Yunyun Huang
August 13, 2022 Updated: August 13, 2022

Taiwan is facing political, economic, and military coercion from the Chinese Communist Party (CCP) amid a significant increase in cyber-attacks on government departments, according to Taiwan Premier Su Tseng-chang. The completeness of security and protection of government agencies has recently gained public attention.

ROC Defense Department Confirmed Cyber-attack from Beijing

The Ministry of National Defense of the Republic of China (ROC), that is, Taiwan, held a press conference on Tuesday, confirming that in addition to military exercises, the Chinese Communist Party (CP) has also launched a cognitive warfare and cyber-attack on major global information websites in Taiwan.

The official website of the Ministry of National Defense was hacked on March 3. According to a search by the response team of the Ministry, the website was flooded with requests for connections from multiple suspicious computer IP addresses at the same time, causing the network traffic to exceed the limit and making it impossible to access the website.

According to the Political Warfare Bureau of ROC, the CCP launched a cognitive warfare ahead of its military exercises. From Aug. 1 to Aug. 8, a total of 272 controversial messages were copied and distributed to call for “unity by force” and undermine the authority of the ROC government.

Speaking of the CCP’s cognitive warfare, Chen Yu-lin, Deputy Director of the Political Warfare Bureau, pointed out that with the rapid development of online communities and media, the style of warfare has changed greatly from what it was in the past.

Cognitive warfare, in particular, destroys the existing networks of society and makes if difficult to have a decisive influence on the battlefield, she said.

The Defense Ministry urged the public not to ignore disputed messages.

Numerous Cyberattacks Launched Abroad

The ROC’s presidential office, Ministry of Foreign Affairs, Ministry of National Defense, and other agencies have all recently experienced Level 1 information security incidents. Government agencies and critical infrastructure websites have been attacked by foreign forces in distributed denial-of-service (DDoS) attacks.

A DDoS attack on a website is like a busy line, Digital Minister Audrey Tang, who is Taiwan’s first minister of digital affairs, explained to Liberty Times Net on Aug.7.

“If a large number of cross-border calls from abroad are made to a designated line in an instant, it is impossible to dial in,” she said. “In fact, the phone line is not broken, and government information is not leaked.”

Tang said that critical infrastructure related to government agencies’ websites is now well protected and that such hacking is intended to cause psychological panic among the public. At present, digital websites are piloting a distributed architecture based on Web3, which is asymmetric and has not been subjected to recent DDoS attacks. If successful, it will be extended to all government ministries and commissions. In the future, the applicable boundaries of Web3 architecture and domestic laws for international operators will be established; relevant guidelines will also be set up for gradual implementation.

The official websites of ROC’s government agencies have repeatedly experienced overseas cyberattacks, which peaked on Aug. 2, 23 times the previous daily peak. Audrey Tang confirmed on Aug. 11 that (the government) had been continuing to monitor the network attack situation.

According to the statistics of Taiwan Network Information Center (TWNIC), during the period of Aug. 2 to Aug. 3, the maximum query volume of national top-level network domain DNS was about 85,000 times per second, among which malicious attack traffic accounted for 75 percent of the whole. The source is mainly cloud operators from the United States and China.

IThome, a Taiwanese news media revealed that even after Nancy Pelosi left Taiwan, the CCP’s cyberattacks did not stop. For example, FTV News was attacked by DDoS on Aug. 6, 7, 8, and 10. FTV’s live YouTube program was tampered with by hackers on Aug. 6. The homepage of the official website of the Academic Affairs Office and R&D Office of National Taiwan University was replaced by hackers on Aug. 7, with the words “There is only one China” and “China, not even a bit can be left behind” appearing on the homepage with a red background.

In terms of false messages, the most notable one was faking the well-known hacker group “APT 27,” which claimed that it had hacked into the systems of important departments in Taiwan and possessed the “zero-time difference loophole” of 200,000 IoT devices, which was enough to launch cyberattacks to shake Taiwan.

Despite the apparent simplicity of these cyberattacks, experts are urging continued vigilance. Schee Tzu-han, a tech entrepreneur who has advised the Taipei City government on digital issues, told The Wall Street Journal on Aug. 10 that the low-tech attacks could actually gather intelligence on Taiwan’s cyber defense for use in the next attack.

Alastair MacGibbon, chief strategy officer of Australian cybersecurity firm CyberCX, echoed Schee’s view in saying that he isn’t concerned about high-profile attacks on Taiwan’s government websites, but rather, the extent to which the CCP might have infiltrated so-called “core systems,” such as supply chain systems.

TV Walls Attacked

The CCP cyber army attacked several public TV walls in train stations and supermarkets in Taiwan to transmit slogans such as “Pelosi, the war monger, get out of Taiwan” and “The great China will finally be reunified.” It was later revealed by legislator(s) that the software used by TSRC TV was that of Colorlight, a Chinese company.

The ROC’s Executive Yuan (a branch of government) in April 2019 adopted the principle of restricting the use of products that endanger the security of national information and communications, which restricts the use of Huawei and Hikvision products by government agencies, said Hsu Kuang-tse, a researcher at the Economic Democracy Union, a Taiwanese nongovernmental organization. The Executive Yuan also sent a letter requesting all government agencies not to use Chinese brands in their ICT products and not to connect them with government work, and requires them to replace their use or stop purchasing Chinese brands by the end of 2021.

Hsu said the ban on the use of Chinese-branded ICT products by government agencies was a trend in democratic countries and should have been strictly enforced by the Executive Yuan. However, failure to effectively implement the policy was clearly reflected in the recent TV wall incident.

Hsu demanded that the Executive Yuan submit a comprehensive audit report on the use of Chinese communication products by public agencies, including outsourced contractors and advertisers, and proposed a list of penalties for non-compliance before the Legislative Yuan convenes.

Audrey Tang said that the TV wall incident is mainly information and psychological warfare whose purpose is to trigger public panic. Although the hacking of TV walls does not involve an information security crisis, it should be considered a tactic in a mixed warfare.

In response to the information security loopholes in this cyberattack, the Executive Yuan said that it has started to revise the principles of restricting the use of products that endanger national information security by various authorities, and that security-hazardous information products or services cannot be used on electronic screens in the public domain in the future, including the central government, local governments, administrative corporations, public facilities, Taiwan Railway, High Speed Rail, MRT, etc.

Financial Warfare Exercises Suggested: Taiwan Think Tank

With regard to the CCP’s military exercises becoming normalized, Taiwan’s Financial Research and Training Institute Director Dr. Hank C.C. Huang advocates conducting simulated military exercises to deal with financial warfare. Financial warfare exercises, including financial stress tests conducted by the Ministry of Finance and the Ministry of National Security, are called “Financial Han Kwang Exercises” in Taiwan, and generally refer to a nationwide military exercise in which the CCP Army is the imagined enemy.

Wang Ping, an academician at Taiwan’s Academia Sinica, said on Aug. 9 that the rising tensions across the Taiwan Strait have a great impact on Taiwan’s industries.

“Although the financial sector has no production chain problems, security is more important,” he said. “The financial sector should conduct a complete risk assessment in advance and conduct financial warfare exercises.”

The company’s main goal is to provide a comprehensive range of products and services to the public. An official from the ROC’s Financial Supervisory Commission pointed out that the commission has adopted individual and overall prudent supervision of the financial industry.

“[We] have been monitoring the risks at all times,” he said.

The Ministry of Finance has activated the information security alert response team, mobilizing the eight major public banks, Taiwan’s tobacco and liquor companies, customs and trade, and other business institutions, to regularly check their websites for signs of hacking.

Wang Jian-an, an associate professor of finance at National Chi Nan University, said in a commentary published in United Daily News that traditional bank stress tests and financial supervision ignore operational risks to some extent.

“In the face of the increasing possibility of military conflict, a financial stabilization program should be proposed for national security to maintain the basic functioning of society,” he said.

Yunyun Huang