A note on a piece of paper indicating that China-based hackers, presumed to belong to a special unit under China's People's Liberation Army (PLA), had broken into the legislature's computer system, has rattled cyber security personnel over the past two weeks.
Some legislative assistants said they received the note from the Ministry of Justice's Investigation Bureau (MJIB) on July 6, but the bureau refused to confirm that it had sent the note.
Security concerns
According to the note, a backdoor program installed on 24 different computers in the offices of legislators from across party lines -- including one used by Legislative Speaker Wang Jin-pyng's (
"We have located the hackers and discovered that they were PLA officials based in Fujian Province," an anonymous source from the bureau was quoted by Lin Hong-chan (
An official with the MJIB's Computer Crime Prevention Center, who asked not to be named, told the Taipei Times in a telephone interview that the agency was aware of the situation and had warned some legislators of the attack.
Tracing the attack
Lin said the problem came to light because the MJIB found that some e-mails dispatched from a relay station based in the US had been sent in the name of Taiwan's legislators.
"They [MJIB special agents] traced the origin of those e-mails and found out it was Fujian-based hackers who had used a specially designed attack Web site to install a Trojan horse program on legislators' office computers," Lin said.
The note said that computers used in the offices of Chinese Nationalist Party (KMT) Legislator Su Chi (
The Trojan horse program also entered some computers in the offices of the DPP and TSU legislative caucuses, according to the note.
Lee Ming-yueh (
"Two computers out of six in our office were attacked. One was for keeping the legislator's schedule and the other was for receiving and sending all documents," he said.
He added: "The computer that was attacked in the [DPP] caucus office was used by an assistant who is in charge of gathering all information and reporting to the head of the caucus."
Inside help?
Lee's concern led to a presumption that the attack was not launched by Chinese hackers alone. Rather, the hackers had possibly collaborated with legislative staff.
"We haven't ruled out that there might be internal personnel involved in the matter, but we don't know this for sure at the moment," said Chen Hsi-yang (陳熙揚), director of the Information and Technology Department at the legislature.
Chen Shi-yang said that the legislature has set up firewalls, which can prevent the Chinese hackers from getting inside its computers.
"We installed a virus scanner for e-mails coming in and out of the legislature. Also, we used Dynamic Host Configuration Protocol [DHCP] to dynamically allocate IP addresses, meaning that there is no way that outside hackers can know any single IP address belonging to the legislature's computers and select their targets," he said.
In the wake of the release of the note, which listed the IP addresses and user numbers of the computers that were attacked, the legislature's cyber security personnel have since July 4 been trying to fix the virus problem.
"We have fixed 15 of the 24 affected computers and quarantined a virus in the other nine computers. Now we are waiting for Philippines-based Trend Micro [Corp] to get back to us on solutions for the various viruses on those nine computers," the director said.
Denial
The Information and Technology Department, however, denied that PLA was the source of the hackers and said the MJIB had first discovered the virus.
"According to Trend Micro's description of the virus, named BKDR_BIFROSE_JH, it was a backdoor-attached virus, but it was not from the PLA," Chen Shi-yang said.
The virus was found by the department's Security Operation Center and not by the MJIB, Chen Shi-yang added.
"Indeed, there's a threat that the PLA's hackers might attack the legislature's network system, but we have done our best to secure it against hackers," the director said.
READY: The CGA said it closely monitored China’s maritime exercise, deployed vessels to shadow the Chinese ships one-on-one and set up emergency response centers Chinese navy and coast guard ships have returned to China, signaling the end of a massive maritime exercise, authorities said yesterday. The Coast Guard Administration (CGA) released images it said showed Chinese vessels sailing north in rough seas past Taiwan on Thursday, on their way to China. “All the Chinese coast guard went back to China yesterday, so although they have not officially made any announcement, we consider it over,” CGA Deputy Director-General Hsieh Ching-chin (謝慶欽) said. Beijing has not confirmed the drills and the Chinese Ministry of National Defense did not say whether the maneuvers had taken place when asked at a
People can take the Taipei MRT free of charge if they access it at Nanjing Sanmin Station or Taipei Arena Station on the Green Line between 12am and 6am on Jan. 1, the Taipei Department of Transportation said on Friday, outlining its plans to ease crowding during New Year’s events in the capital. More than 200,000 people are expected to attend New Year’s Eve events in Taipei, with singer A-mei (張惠妹) performing at the Taipei Dome and the city government’s New Year’s Eve party at Taipei City Hall Plaza, the department said. As people have tended to use the MRT’s Blue or
PUBLIC TRANSPORT: As some roads would be fully or partially closed, people are advised to take the MRT, with services expanded to accommodate more riders This year’s Taipei Marathon, which has obtained its first gold label certification from World Athletics, is to be held from 5am to 1pm tomorrow and would have 28,000 participants. The race is to start from the Taipei City Plaza and would go through major roads throughout the city, with traffic control implemented from 6am to 2pm, officials said. The Taipei Mass Rapid Transit (MRT) system and New Taipei City MRT Circle line would start operating at 5am on the day of the race, they said. The race would cover Renai Road, Xinyi Road, Hangzhou S Road, Aiguo east and west roads,
Taiwanese professional baseball should update sports stadiums and boost engagement to enhance fans’ experience, Chinese Professional Baseball League (CPBL) commissioner Tsai Chi-chang (蔡其昌) told the Liberty Times (sister paper of the Taipei Times) in an interview on Friday. The league has urged Farglory Group and the Taipei City Government to improve the Taipei Dome’s outdated equipment, including relatively rudimentary television and sound systems, and poor technology, he said. The Tokyo Dome has markedly better television and sound systems, despite being 30 years old, because its managers continually upgraded its equipment, Tsai said. In contrast, the Taipei Dome lacked even a room for referees
RSS