Taiwan is the front line in an emerging global battle for cyberspace, according to elite hackers in the country’s IT industry, who say it has become a rehearsal area for the Chinese cyberattacks that have strained ties with the US.
Taiwan has endured at least a decade of highly targeted data-theft attacks that are then directed towards larger countries, they say.
“We’ve seen everything,” said Jim Liu, the 28-year-old founder of Lucent Sky, a Taiwanese Internet security company specializing in resolving dangerous software vulnerabilities that hackers can exploit to gain access to a system. “We’ll see a specific attack signature here, and then six months later, see the same signature in an attack on the States.”
A Pentagon report in May accused China of trying to break into US defense computer networks. It followed another report in February by US computer security company Mandiant that said a secretive Chinese military unit was probably behind a series of hacking attacks that had stolen data from about 100 US companies.
Beijing dismissed both reports as without foundation. Taiwan experts say that hacking methods such as those outlined in the Mandiant report are the same kinds of security breaches that they had seen several years earlier.
It is easy to see why Taiwan might be an ideal target for Chinese hackers: It is close to China, Mandarin-speaking and boasts advanced Internet infrastructure.
This cyberwar playing out across the Taiwan Strait first came to public attention in 2003, when a Taiwanese police agency realized hackers had stolen personal data, including household registration information, from its computer system.
These attacks differed from traditional hacking attempts — where many casual hackers attempt to disrupt their targets’ systems, these hackers went in stealthily, with the intention to plunder, rather than destroy.
“Back then, it was very rare to see these kinds of social network attacks,” said hacking specialist Jeremy Chiu, a contract instructor in IT for Taiwan’s intelligence agencies. “They were very, very well-organized.”
Other indicators, including the ease with which the hackers penetrated an e-mail system written entirely in Chinese, painted a picture of the culprits as a large, coordinated group of hackers in China.
“One thing that indicates government support for these attacks is just the sheer volume — how many agencies are being attacked on a daily basis,” said Benson Wu, postdoctoral researcher in information technology at Academia Sinica and co-founder of Xecure Lab, which focuses on responding to advanced persistent threats.
The set-up of Wu’s Taipei office fits the classic hacker image: dimly lit, strewn with wires and humming with computers.
On a projector screen, he displayed a list of e-mails, written in Chinese, with subject headings like “meeting notes,” “dinner attendance” and “questionnaire.”
“These are all hacking attempts,” Wu said.
Once the documents have been opened, they plant a backdoor allowing the hacker virtually unfettered access to the network.
One such “spearphishing” attack was reportedly used on the White House in October last year. A Taiwanese expert in cyberespionage estimated that thousands of Taiwanese high-level government employees receive as many as between 20 and 30 of these e-mails a month.