Sat, Mar 18, 2017 - Page 3 News List

More Taiwanese institutions likely hacking targets

FIREEYE’S PERSPECTIVE:The nation’s geopolitical position and high-tech industries make tempting targets, officials from a US cybersecurity firm said

By Chen Bing-hung and Jonathan Chin  /  Staff reporter, with staff writer

Taiwanese political and financial institutions are likely to be targeted by sophisticated hacker operations with pecuniary or political agendas, US-based cybersecurity company FireEye said on Tuesday.

Due to rising political uncertainty on a global scale, cyberespionage would intensify with the aim of obtaining high-value intelligence and information that could serve as leverage in political negotiations, FireEye director of cybersecurity training Patrick Walsh, a retired US admiral and former commander of the US Pacific Fleet, said in Taipei.

Taiwan’s geopolitical position and high-tech industries are tempting targets for Internet-based attacks that might exploit the security gaps in the nation’s Internet of Things, Walsh said.

The hacking of First Commercial Bank automated teller machines and securities traders are likely to be followed by more sophisticated and targeted attacks, as cybercrime proves more lucrative than the drug trade, he said.

The attacks on US targets perpetrated by a Russia-based hacker group, which FireEye designated as Advanced Persistent Threat-28 (APT28), during the US presidential election last year highlighted the extent of the threat posed by cyberespionage, Walsh said.

Security experts have been observing APT28 for the past decade and believe that it had used “spear phishing” — or the targeted sending of messages containing viral links or trojans to infiltrate computer networks — to access secret information, which is then disseminated to the media for the purposes of manipulating political events, Walsh said.

He said that the hacker group’s targets include entities in the aerospace, defense, media and entertainment industries; political dissidents and opposition parties; and foreign affairs establishments of other governments in every part of the world.

“It is a matter of time before other hacker groups replicate its tactics in their own attacks,” he said.

The increasing reliance on networked sensors and platforms for modern armies will heighten the risks of cyberwarfare, and armed forces need to learn from the private sector to bolster information security, he said.

FireEye North Asia regional director Hsu Kuo-hai (徐國海) said 27 percent of its Taiwanese clients were targeted by Internet-based attacks between January and June last year.

Since 2014, at least five hacker groups involved in attacks against Taiwanese entities were rated as advanced persistent threats, with an additional 13 that were rated advanced threats, Hsu said.

Local entities that are most frequently targeted by attacks are telecommunications companies, government agencies, educational institutions, high-tech enterprises and consultancies or other service industries, Hsu said, adding that Taiwan has a reputation in the black hat hacker community as a target with a potential for lucrative payoffs.

As cross-strait tension is likely to persist, China will step up its cyberattacks, improve their efficiency and professionalism, possibly adopting different tactics, but without changing their strategic aims, Walsh said, adding that governments must continuously improve their information security expertise, operating procedures, techniques and technology to combat the threat.

“Rely not on the likelihood of the enemy’s not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our position unassailable,” Walsh said, quoting Chinese military philosopher Sun Tzu (孫子).

This story has been viewed 3698 times.

Comments will be moderated. Remarks containing abusive and obscene language, personal attacks of any kind or promotion will be removed and the user banned.

TOP top