Chinese State Media Denies Hacking Taiwan E-mails

August 12, 2011 Updated: October 24, 2015

China’s mouthpiece media, Xinhua, has denied accusations that they hacked into Taiwan’s opposition party computers, after the Democratic Progressive Party said that infected e-mails had been traced back to Xinhua IP addresses.

The charges are groundless and “terribly tainted Xinhua’s reputation,” said a spokesperson in an article published by the news agency on Wednesday. He then described the accusation itself as “hacking” Xinhua.

Democratic Progressive Party (DPP) staff all laughed when they heard about Xinhua’s reply, said Alex Huang, deputy director of the party’s Policy Research Committee in a telephone interview.

DPP posted a statement on their website on Aug. 9, saying that their IT staff had traced the origin of e-mails containing virus attachments back to the Xinhua in Beijing.

From there, hackers had gone through Xinhua in Australia, and its office in Malaysia, and finally into DPP e-mails. Both Party headquarters and campaign headquarters were hacked.

Huang expressed confidence that their investigation was solid, despite Xinhua’s denial. The IT team also found a second IP address responsible for many of the e-mails—Taiwan’s director of information security, the Research, Development and Evaluation Commission (RDEC).

RDEC issued a statement on Aug. 9 to explain, saying that because they host the computer system for all Taiwanese government branches, its IP address is used for all of them.

“There are two possibilities. Either RDEC’s IP address was used by the hackers, or a Taiwanese government branch sent the e-mails,” said Huang.

In response to the attacks, the RDEC says it will investigate which government branch the e-mails came from. They emphasized that such a thing should not happen again.

“Security is valued by all levels of the government. We will handle information more cautiously,” says the RDEC statement.

Malicious e-mails have increasingly bombarded the DPP as it draws closer to the 2012 presidential election, especially over the past three months, says Huang.

He says he usually receives 10-20 malicious e-mails a day that look like they’ve been written by his colleagues, making it hard to differentiate between the real and the fake. If he opens one of these e-mails and clicks on the attachment, a virus will begin to monitor his computer.

All the staff that were hacked, over 20 people, are involved in the upcoming election and say they suffer from attacks every day.

“The hackers took campaign promotional materials, event schedules, notices, and election information,” said Huang. To prevent future attacks, the Party will communicate more by word of mouth and pen instead of e-mail.

Computer security software company McAfee recently published a report that a “state actor” hacked 72 international organizations, parties, and companies over the past five years.

DPP’s Aug. 9 statement said that experts have also judged the attacks on DPP to be on a state level.

When asked whether the attacks on DPP were similar to those detailed in the McAfee report, Huang replied that the situation was the same.

“Chinese hackers often test out their attacks on Taiwan first,” Huang said.

McAfee reported an unidentified Taiwanese government agency as having been hacked from April 2008 to December. The 2008 Taiwanese presidential election was on March 22.

The Kuomintang (KMT) campaign office also said that recently they were attacked by hackers, without going into detail, according to The China Post.

The party has formed an information security team and informed staff about possible hacking attempts, a KMT spokesperson told the Post.

In a phone call to the KMT, a staff member from the IT team said that he had not received any notification about malware from their e-mail provider.

Huang said, “Regardless of politics, the government should be responsible for the security of people’s mailboxes.