Thu, Aug 09, 2018 - Page 8 News List

EDITORIAL: Turning threats into opportunities

A virus infection on Friday last week disrupted the operations of Taiwan Semiconductor Manufacturing Co (TSMC), the world’s largest contract chipmaker. It was a reminder of Taiwan’s vulnerability and exposure to cyberattacks.

However, there is a silver lining: That heightened exposure means that the government and the private sector are finally waking up to the gravity of the situation, providing an opportunity for improvement.

After initial reports that the disruption might have been caused by a hacker attack, TSMC announced that it was due to a variant of the WannaCry ransomware infecting its internal systems through a USB device during the installation of new equipment.

Apparently, the proper protocols had not been followed and its computers lacked a security patch for the Windows 7 operating system.

Although the disruption was not caused by a sophisticated group of hackers or state actors looking to steal industrial secrets, it could have been.

TSMC’s facility in Taiwan is its most important research and development base, and holds crucial production data and nanotechnology blueprints.

Taiwan is particularly vulnerable to cyberattacks. In addition to attacks by Chinese hackers, who use it as a testing ground to perfect their malware before unleashing it on the rest of the world, the nation’s wealth, fast Internet connectivity and lax cybersecurity awareness have made it easy picking for cybercriminals around the world.

Industrial espionage is only one part of the problem. Infection by malware as sleeper software with which hostile foreign governments can launch sophisticated cyberattacks at crucial points in potential conflicts is something the nation needs to be aware of.

Cyberspace is an emerging battlefield — in addition to land, sea, air and space — that will play an increasingly decisive role in warfare, according to NATO.

Bloomberg columnist Tim Culpan recounted a story of how he a few years ago asked a cybersecurity expert at a hackers’ conference in Taipei about the “cyberwar” between Taiwan and China. He was surprised to be told there was none, because “it is only war if you fight back.”

The good news is that things seem to be changing, as President Tsai Ing-wen’s (蔡英文) administration has made cybersecurity a focus.

In 2016, the Department of Cybersecurity was established under the Executive Yuan to replace the National Information and Communication Security Taskforce. The following year the Information and Electronic Warfare Command was established as a military branch.

The government in May passed the Information and Communication Security Management Act (資通安全管理法), requiring government agencies, as well as providers of critical infrastructure — energy, water, information technology and telecoms, transportation, financial services, emergency services, hospitals and science parks — to establish and maintain cybersecurity.

Integration of systems, protocols and policies should help streamline security and response to attacks.

The government has also included the National Strategy for Cybersecurity Development Program (2017-2020) in its “five plus two industrial innovation program,” while private enterprises are stepping up cybersecurity measures, perhaps in no small part due to the initial outbreak of the WannaCry ransomware.

Taiwanese expertise in the sector, and its experience with cyberattacks, means that private companies are increasingly developing products and services to deal with the threat. The finance and e-commerce sectors are prime targets, and they are now investing heavily in cybersecurity.

This story has been viewed 3352 times.

Comments will be moderated. Keep comments relevant to the article. Remarks containing abusive and obscene language, personal attacks of any kind or promotion will be removed and the user banned. Final decision will be at the discretion of the Taipei Times.

TOP top