The Executive Yuan yesterday strongly condemned cyberattacks suspected to have been launched by a pro-Russia hacking group the previous day targeting the Taiwan Stock Exchange (TWSE), the Directorate-General of Budget, Accounting and Statistics (DGBAS) and several local financial institutions.
It assured the public that government agencies are closely monitoring the situation and have a firm understanding of the incident.
In a statement, Cabinet spokesperson Michelle Lee (李慧芝) said that the Executive Yuan strongly condemned reckless hacking attacks on countries including Taiwan.
Photo courtesy of a reader
Vice Premier Cheng Li-chiun (鄭麗君), who also heads the National Information and Communication Security Task Force, has requested that the Administration of Cyber Security (ACS) gather information about the cyberattacks and help agencies make prompt responses, Lee said.
While the government would continue to monitor how the cyberattacks evolve, it has also informed all of the agencies under the central and local governments that they should work together to defend themselves from possible further attacks, Lee said.
The statement was issued after the Web sites of the TWSE, the DGBAS and several major government-invested Taiwanese banks, including Mega Financial Holding Co (兆豐金控), and Chang Hwa Commercial Bank (彰化銀行), crashed due to cyberattacks on Thursday.
NoName057, a pro-Russia hacker group, has claimed that it launched distributed denial of service (DDoS) attacks on Taiwan’s government agencies, financial firms and even Taipei International Airport (Songshan airport).
The ACS on Thursday confirmed that the attacks were made through DDoS, referring to a malicious attempt to disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure.
The TWSE said that at about 3pm on Thursday, it found that a large number of foreign Internet protocol addresses launched invalid queries on its network, causing unstable services for a short period.
The TWSE said its global Web site returned to normal at 3:22pm and saw no impact on its operations or the local stock market.
Mega Financial said the Web sites of the firm and its securities, commercial bill and securities investment trust subsidiaries were attacked on Thursday afternoon, but the networks returned to normal soon after their quick response.
NoName057 is the pro-Russian hacktivist group behind Project DDoSia, a DDoS attack toolkit that targets entities criticizing Russia’s invasion of Ukraine.
The Liberty Times (sister paper of the Taipei Times) on Tuesday cited cybersecurity firm Radware as saying that the attacks appeared to be retaliation for comments made by President William Lai (賴清德) on Sept. 1 suggesting China should have a territorial dispute with Russia.
“If it is really about territorial integrity, why don’t they [China] take back the land that was signed away and occupied by Russia in the Treaty of Aigun?” Lai asked.
The Treaty of Aigun, which was signed in 1858 between the Russian Empire and the Qing Dynasty, ceded about 600,000km2 of land in Manchuria to Russia.
The government is continuing to monitor the cyberattacks, which appear to have achieved little, but are showing no sign of stopping, Minister of Digital Affairs Huang Yen-nun (黃彥男) told the Liberty Times yesterday.
The Ministry of Digital Affairs has implemented strong countermeasures since China’s 2022 DDoS offensive during then-US House of Representatives speaker Nancy Pelosi’s visit to Taiwan, an official said on condition of anonymity.
These efforts significantly increased the resource costs of DDoS attacks, requiring hackers to outspend Taiwanese defenders 20:1 to achieve success, they said, adding that most Chinese attacks during the presidential election were neutralized.
Information technology experts speculated that the nation is preventing DDoS attacks by denying servers with foreign IP addresses from connecting to Taiwanese networks without limiting Taiwanese access to the Internet.
This method known as "flow cleaning" is a speedy and cost-effective counter to DDoS attacks, said Cha Shi-cho (查士朝), professor of informational security at the National Taiwan University of Science and Technology.
Hackers mainly utilize foreign-based servers to conduct DDoS attacks, which leaves a footprint that could be easily tracked and identified by government agencies or private security firms, he said.
DDoS is an old and simple, but costly method that requires the attacker to commit enormous resources for temporary results, he said, adding that there is little need for alarm if these attacks did not compromise systems.
However, if the attackers gained control of corporate networkers, they could use the latter as a springboard to launch further attacks, which would be more difficult and expensive to defend against, he said.
Additional reporting by Hsu Tzu-ling
AT RISK: The council reiterated that people should seriously consider the necessity of visiting China, after Beijing passed 22 guidelines to punish ‘die-hard’ separatists The Mainland Affairs Council (MAC) has since Jan. 1 last year received 65 petitions regarding Taiwanese who were interrogated or detained in China, MAC Minister Chiu Chui-cheng (邱垂正) said yesterday. Fifty-two either went missing or had their personal freedoms restricted, with some put in criminal detention, while 13 were interrogated and temporarily detained, he said in a radio interview. On June 21 last year, China announced 22 guidelines to punish “die-hard Taiwanese independence separatists,” allowing Chinese courts to try people in absentia. The guidelines are uncivilized and inhumane, allowing Beijing to seize assets and issue the death penalty, with no regard for potential
STILL COMMITTED: The US opposes any forced change to the ‘status quo’ in the Strait, but also does not seek conflict, US Secretary of State Marco Rubio said US President Donald Trump’s administration released US$5.3 billion in previously frozen foreign aid, including US$870 million in security exemptions for programs in Taiwan, a list of exemptions reviewed by Reuters showed. Trump ordered a 90-day pause on foreign aid shortly after taking office on Jan. 20, halting funding for everything from programs that fight starvation and deadly diseases to providing shelters for millions of displaced people across the globe. US Secretary of State Marco Rubio, who has said that all foreign assistance must align with Trump’s “America First” priorities, issued waivers late last month on military aid to Israel and Egypt, the
‘UNITED FRONT’ FRONTS: Barring contact with Huaqiao and Jinan universities is needed to stop China targeting Taiwanese students, the education minister said Taiwan has blacklisted two Chinese universities from conducting academic exchange programs in the nation after reports that the institutes are arms of Beijing’s United Front Work Department, Minister of Education Cheng Ying-yao (鄭英耀) said in an exclusive interview with the Chinese-language Liberty Times (the Taipei Times’ sister paper) published yesterday. China’s Huaqiao University in Xiamen and Quanzhou, as well as Jinan University in Guangzhou, which have 600 and 1,500 Taiwanese on their rolls respectively, are under direct control of the Chinese government’s political warfare branch, Cheng said, citing reports by national security officials. A comprehensive ban on Taiwanese institutions collaborating or
France’s nuclear-powered aircraft carrier and accompanying warships were in the Philippines yesterday after holding combat drills with Philippine forces in the disputed South China Sea in a show of firepower that would likely antagonize China. The Charles de Gaulle on Friday docked at Subic Bay, a former US naval base northwest of Manila, for a break after more than two months of deployment in the Indo-Pacific region. The French carrier engaged with security allies for contingency readiness and to promote regional security, including with Philippine forces, navy ships and fighter jets. They held anti-submarine warfare drills and aerial combat training on Friday in
RSS