Taiwanese government networks experienced a daily average of 2.4 million cyber-attacks in 2024, most of which were attributed to Chinese state-backed hackers.
This represents double the daily average from 2023 which saw 1.2 million daily attacks targeting government networks, Taiwan’s National Security Bureau said in a new report.
“Although many of those attacks have been effectively detected and blocked, the growing numbers of attacks pinpoint the increasingly severe nature of China’s hacking activities,” the Bureau warned.
The report also highlighted a substantial rise in People’s Republic of China (PRC) cyber-attacks targeting critical industries in Taiwan. This includes telecommunications (650% increase), transportation (70%) and defense supply chain (57%).
Security researchers have also observed significant Chinese cyber activity in Taiwan over recent years amid rising geopolitical tensions around the Island territory’s self-governing status.
Read now: US Treasury Computers Accessed by China in Supply Chain Attack
How Chinese Hackers Target Taiwan
The report highlighted a range of techniques employed by PRC hackers and noted that attacks against Taiwanese government agencies are typically designed to steal confidential data.
The Bureau said PRC hackers often exploit vulnerabilities in Netcom devices and utilize evasion techniques such as living-off-the-land.
Social engineering techniques have also been deployed which target the emails of Taiwanese civil servants for espionage purposes.
China uses a range of tactics to infiltrate and compromise Taiwan’s critical infrastructure systems, such as highways and ports, to disrupt the Island’s transportation and logistics.
Other cyber tactics include phishing attacks, compromise of zero day vulnerabilities and use of Trojans and backdoors.
Additionally, DDoS attacks are used to “harass” and “intimidate” Taiwan when carried out on the Island’s transportation and financial sectors while China conducts military drills in the area, the Bureau noted.
Other commonly observed Chinese attacks against Taiwanese targets include:
- Ransomware and other cybercrime techniques against manufacturing companies
- Theft of information about patented technologies developed by startups
- Stealing personal data of Taiwanese nationals and selling that information on the dark web
The Bureau said the hack and leak of Taiwanese citizens’ data helps generate profits and are also designed to undermine the credibility of the Taiwanese government.
“China has continued to intensify its cyber-attacks against Taiwan. By applying diverse hacking techniques, China has conducted reconnaissance, set cyber ambushes, and stolen data through hacking operations targeting Taiwan’s government, critical infrastructure and key private enterprises,” the Bureau wrote.
The report also highlighted the success of Taiwan’s joint security defense mechanism in ensuring that threat information is shared in real time among intelligence sources and government agencies.