Government agencies last year reported 525 cybersecurity threats, nine of which were relatively severe, a report released by the Executive Yuan’s Department of Cyber Security showed.
Information security threats are classified into four severity levels, with level 1 indicating the least serious threat and level 4 the most serious.
Last year, there were 451 level 1 attacks and 65 level 2 attacks on government agencies, department data showed.
Nine level 3 attacks were also recorded, but nothing merited a level 4 classification.
The main types of threats were unauthorized access, Web page attacks, equipment issues and denial of service attacks, the department said.
Unauthorized access was the most common type, comprising 68.8 percent of all threats, it said, adding that the primary causes were vulnerabilities in third-party products, failure of hosts to automatically install updates and remote connection management issues.
Other cases involved ransomware attacks, malware attacks on security systems, latent malware on internal agency networks and systems built by contractors becoming a springboard for infiltration, the department added.
Web page attacks, or the improper control of permissions, file format restrictions and third-party updates targeted by hackers, comprised 6.7 percent of all reported threats, it said.
Threats were nearly evenly split between the central and local governments, with 49 percent of reports coming from federal agencies and 51 percent originating from local agencies, it added.
In its report, which was released late last month, the department recommended how to counter five categories of threats: personal information leaks, ransomware denial of service attacks, malware seeded due to non-updated firmware, persistent attacks designed to steal sensitive data and external supply chain hacks.
For example, in one of the level 3 threats, hackers extracted the login information of a firm handling equipment maintenance for a government agency, the report said.
They were then able to access other equipment within the agency and use ransomware to encrypt data, making normal operation impossible until the hackers released the system, it said.
Ransomware attacks have become a regular occurrence, the report said, adding that response measures hinge on shortening the recovery time.
Agencies should also be sure to patch vulnerabilities and update firmware, implement access controls on internal networks, create off-site backups and conduct regular response drills, it added.
In addition, government agencies should not use equipment or software created in China, the report said.
The Mainland Affairs Council (MAC) on Friday condemned Chinese and Russian authorities for escalating regional tensions, citing Chinese warplanes crossing the Taiwan Strait’s median line and joint China-Russia military activities breaching South Korea’s air defense identification zone (KADIZ) over the past two days. A total of 30 Chinese warplanes crossed the median line of the Taiwan Strait on Thursday and Friday, entering Taiwan’s northern and southwestern airspace in coordination with 15 naval vessels and three high-altitude balloons, the MAC said in a statement. The Chinese military also carried out another “joint combat readiness patrol” targeting Taiwan on Thursday evening, the MAC said. On
The Mainland Affairs Council (MAC) yesterday confirmed that Chinese students visiting Taiwan at the invitation of the Ma Ying-jeou Foundation were almost all affiliated with the Chinese Communist Party (CCP). During yesterday’s meeting convened by the legislature’s Foreign Affairs and National Defense Committee, Democratic Progressive Party (DPP) Legislator Michelle Lin (林楚茵) asked whether the visit was a way to spread China’s so-called “united front” rhetoric, to which MAC Deputy Ministry Shen You-chung (沈有忠) responded with the CCP comment. The MAC noticed that the Chinese individuals visiting Taiwan, including those in sports, education, or religion, have had increasingly impressive backgrounds, demonstrating that the
MILITARY EXERCISES: China is expected to conduct more drills in the region after President William Lai’s office announced he would stopover in Hawaii and Guam China is likely to launch military drills in the coming days near Taiwan, using President William Lai’s (賴清德) upcoming trip to the Pacific and scheduled US transit as a pretext, regional security officials said. Lai is to begin a visit to Taipei’s three diplomatic allies in the Pacific on Saturday, and sources told Reuters he was planning stops in Hawaii and the US territory of Guam in a sensitive trip shortly after the US presidential election. Lai’s office has yet to confirm details of what are officially “stop-overs” in the US, but is expected to do so shortly before he departs, sources
Tasa Meng Corp (采盟), which runs Taiwan Duty Free, could be fined up to NT$1 million (US$30,737) after the owner and employees took center stage in a photograph with government officials and the returning Premier12 baseball champions at Taiwan Taoyuan International Airport on Monday evening. When Taiwan’s national baseball team arrived home fresh from their World Baseball Softball Confederation Premier12 championship victory in Tokyo, Vice President Hsiao Bi-khim (蕭美琴) was at the airport with Chinese Professional Baseball League commissioner Tsai Chi-chang (蔡其昌) to welcome back the team. However, after Hsiao and Tsai took a photograph with the team, Tasa Meng chairwoman Ku
RSS