A note on a piece of paper indicating that China-based hackers, presumed to belong to a special unit under China's People's Liberation Army (PLA), had broken into the legislature's computer system, has rattled cyber security personnel over the past two weeks.
Some legislative assistants said they received the note from the Ministry of Justice's Investigation Bureau (MJIB) on July 6, but the bureau refused to confirm that it had sent the note.
Security concerns
According to the note, a backdoor program installed on 24 different computers in the offices of legislators from across party lines -- including one used by Legislative Speaker Wang Jin-pyng's (
"We have located the hackers and discovered that they were PLA officials based in Fujian Province," an anonymous source from the bureau was quoted by Lin Hong-chan (
An official with the MJIB's Computer Crime Prevention Center, who asked not to be named, told the Taipei Times in a telephone interview that the agency was aware of the situation and had warned some legislators of the attack.
Tracing the attack
Lin said the problem came to light because the MJIB found that some e-mails dispatched from a relay station based in the US had been sent in the name of Taiwan's legislators.
"They [MJIB special agents] traced the origin of those e-mails and found out it was Fujian-based hackers who had used a specially designed attack Web site to install a Trojan horse program on legislators' office computers," Lin said.
The note said that computers used in the offices of Chinese Nationalist Party (KMT) Legislator Su Chi (
The Trojan horse program also entered some computers in the offices of the DPP and TSU legislative caucuses, according to the note.
Lee Ming-yueh (
"Two computers out of six in our office were attacked. One was for keeping the legislator's schedule and the other was for receiving and sending all documents," he said.
He added: "The computer that was attacked in the [DPP] caucus office was used by an assistant who is in charge of gathering all information and reporting to the head of the caucus."
Inside help?
Lee's concern led to a presumption that the attack was not launched by Chinese hackers alone. Rather, the hackers had possibly collaborated with legislative staff.
"We haven't ruled out that there might be internal personnel involved in the matter, but we don't know this for sure at the moment," said Chen Hsi-yang (陳熙揚), director of the Information and Technology Department at the legislature.
Chen Shi-yang said that the legislature has set up firewalls, which can prevent the Chinese hackers from getting inside its computers.
"We installed a virus scanner for e-mails coming in and out of the legislature. Also, we used Dynamic Host Configuration Protocol [DHCP] to dynamically allocate IP addresses, meaning that there is no way that outside hackers can know any single IP address belonging to the legislature's computers and select their targets," he said.
In the wake of the release of the note, which listed the IP addresses and user numbers of the computers that were attacked, the legislature's cyber security personnel have since July 4 been trying to fix the virus problem.
"We have fixed 15 of the 24 affected computers and quarantined a virus in the other nine computers. Now we are waiting for Philippines-based Trend Micro [Corp] to get back to us on solutions for the various viruses on those nine computers," the director said.
Denial
The Information and Technology Department, however, denied that PLA was the source of the hackers and said the MJIB had first discovered the virus.
"According to Trend Micro's description of the virus, named BKDR_BIFROSE_JH, it was a backdoor-attached virus, but it was not from the PLA," Chen Shi-yang said.
The virus was found by the department's Security Operation Center and not by the MJIB, Chen Shi-yang added.
"Indeed, there's a threat that the PLA's hackers might attack the legislature's network system, but we have done our best to secure it against hackers," the director said.
THE HAWAII FACTOR: While a 1965 opinion said an attack on Hawaii would not trigger Article 5, the text of the treaty suggests the state is covered, the report says NATO could be drawn into a conflict in the Taiwan Strait if Chinese forces attacked the US mainland or Hawaii, a NATO Defense College report published on Monday says. The report, written by James Lee, an assistant research fellow at Academia Sinica’s Institute of European and American Studies, states that under certain conditions a Taiwan contingency could trigger Article 5 of NATO, under which an attack against any member of the alliance is considered an attack against all members, necessitating a response. Article 6 of the North Atlantic Treaty specifies that an armed attack in the territory of any member in Europe,
FLU SEASON: Twenty-six severe cases were reported from Tuesday last week to Monday, including a seven-year-old girl diagnosed with influenza-associated encephalopathy Nearly 140,000 people sought medical assistance for diarrhea last week, the Centers for Disease Control (CDC) said on Tuesday. From April 7 to Saturday last week, 139,848 people sought medical help for diarrhea-related illness, a 15.7 percent increase from last week’s 120,868 reports, CDC Epidemic Intelligence Center Deputy Director Lee Chia-lin (李佳琳) said. The number of people who reported diarrhea-related illness last week was the fourth highest in the same time period over the past decade, Lee said. Over the past four weeks, 203 mass illness cases had been reported, nearly four times higher than the 54 cases documented in the same period
Heat advisories were in effect for nine administrative regions yesterday afternoon as warm southwesterly winds pushed temperatures above 38°C in parts of southern Taiwan, the Central Weather Administration (CWA) said. As of 3:30pm yesterday, Tainan’s Yujing District (玉井) had recorded the day’s highest temperature of 39.7°C, though the measurement will not be included in Taiwan’s official heat records since Yujing is an automatic rather than manually operated weather station, the CWA said. Highs recorded in other areas were 38.7°C in Kaohsiung’s Neimen District (內門), 38.2°C in Chiayi City and 38.1°C in Pingtung’s Sandimen Township (三地門), CWA data showed. The spell of scorching
HOSPITALITY HIT: Hotels in Hualien have an occupancy rate of 10 percent, down from 30 percent before the earthquake, a Tourism Administration official said The Executive Yuan yesterday unveiled a stimulus package of vouchers and subsidies to revive tourism in Hualien County following a quake measuring 7.2 on the Richter scale. The tremor on April 3, which killed at least 17 people and left two others missing, caused the county an estimated NT$3 billion (US$92.7 million) in damages. The Ministry of Economic Affairs is to issue vouchers worth NT$200 at the price of NT$100 for purchases at the Dongdamen Night Market (東大門夜市) in Hualien City to boost spending, a ministry official told a news conference after a Cabinet meeting in Taipei. The ministry plans to issue 18,400