Cyberattacks originating in China that targeted Taiwan’s critical energy infrastructure increased 10-fold last year, the National Security Bureau said on Sunday last week, underscoring the growing cyberthreat facing the nation’s essential services.
China’s cyberforces attempted an average of 2.63 million intrusions per day against Taiwan’s critical infrastructure, with forays into the energy sector rising 1,000 percent from 2024, and those targeting emergency rescue services and hospitals up 54 percent, the bureau said in a report.
It identified four primary tactics: exploitation of hardware and software vulnerabilities, distributed denial-of-service attacks, social engineering and supply chain infiltration. Chinese hackers have exploited weaknesses in information and communications technology equipment produced by international suppliers or incorporated through government procurement joint supply contracts, vulnerabilities that often remain undetected until systems are fully deployed.
Social engineering remains a particularly effective tactic. Hackers frequently pose as business contacts or trusted partners, sending phishing e-mails designed to trick targets into clicking malicious links or opening infected attachments. More sophisticated operations involve coercing or recruiting people with legitimate system access by exploiting financial vulnerabilities or personal secrets.
To counter the threats, the bureau said that it has held information security dialogues and technical conferences with counterparts in more than 30 countries, while continuing to work closely with international partners to improve threat intelligence sharing and early warning capabilities.
Given what is known about the methods, many attacks could be mitigated through relatively straightforward defense measures. Mandatory cybersecurity training would help employees recognize social engineering attempts, while confidential reporting mechanisms can allow those facing coercion to seek help without fear of reprisal. Risk can also be reduced through greater compartmentalization of systems and data, limiting access privileges so that breaches have minimal effect.
Addressing hardware and software vulnerabilities is more challenging. Facilities designated as part of Taiwan’s critical infrastructure should be required to register their hardware and information systems with the National Institute of Cyber Security, which would enable authorities to track security updates and issue warnings when equipment must be patched, isolated or removed.
Questions are often asked about why hospitals and clinics need to be connected to the Internet given the cyberrisks involved. However, modern healthcare depends on digital connectivity. Medical imaging is frequently sent to offsite specialists for diagnosis and patients commonly receive care across multiple facilities that must share records in real time. Disconnecting hospitals from the Internet would delay treatment and increase the risk of medical errors.
Moreover, keeping hospitals offline would not guarantee security. Modern medical equipment requires regular software updates and can be compromised regardless of how updates are delivered. Many diagnostic systems rely on artificial intelligence, which is typically processed offsite, while telemedicine has become essential for patients in remote or underserved areas. Hospitals also depend on online systems for ordering medicines and supplies, managing blood banks and organ transplant logistics, and handling billing, insurance and regulatory compliance.
Despite the constraints, healthcare institutions could significantly reduce risk through network segmentation, separating clinical devices from administrative and Internet-facing systems. Strict access controls and zero-trust architecture — under which no device or user is automatically trusted — can improve defenses, alongside limiting Internet access, whitelisting vendor connections and implementing one-way data flows where feasible.
Taiwan faces an unusually high volume of cyberattacks compared with other developed economies, but it provides an opportunity to properly test defensive technologies and train people to be aware of the risks. The government should deepen international cooperation by inviting foreign experts to study Chinese cyberoperations firsthand and jointly develop countermeasures.
While cyberthreats continue to escalate, defensive technologies are advancing in parallel and public awareness of malicious activity is improving. Taiwan’s precarious geopolitical position makes it a frequent target, but it also presents a unique opportunity to be a global leader in cybersecurity. To do so, the government must continue investing in workforce training, supply chain security and international collaboration to safeguard the systems that underpin modern society.
The Chinese Communist Party (CCP) has long been expansionist and contemptuous of international law. Under Chinese President Xi Jinping (習近平), the CCP regime has become more despotic, coercive and punitive. As part of its strategy to annex Taiwan, Beijing has sought to erase the island democracy’s international identity by bribing countries to sever diplomatic ties with Taipei. One by one, China has peeled away Taiwan’s remaining diplomatic partners, leaving just 12 countries (mostly small developing states) and the Vatican recognizing Taiwan as a sovereign nation. Taiwan’s formal international space has shrunk dramatically. Yet even as Beijing has scored diplomatic successes, its overreach
In her article in Foreign Affairs, “A Perfect Storm for Taiwan in 2026?,” Yun Sun (孫韻), director of the China program at the Stimson Center in Washington, said that the US has grown indifferent to Taiwan, contending that, since it has long been the fear of US intervention — and the Chinese People’s Liberation Army’s (PLA) inability to prevail against US forces — that has deterred China from using force against Taiwan, this perceived indifference from the US could lead China to conclude that a window of opportunity for a Taiwan invasion has opened this year. Most notably, she observes that
For Taiwan, the ongoing US and Israeli strikes on Iranian targets are a warning signal: When a major power stretches the boundaries of self-defense, smaller states feel the tremors first. Taiwan’s security rests on two pillars: US deterrence and the credibility of international law. The first deters coercion from China. The second legitimizes Taiwan’s place in the international community. One is material. The other is moral. Both are indispensable. Under the UN Charter, force is lawful only in response to an armed attack or with UN Security Council authorization. Even pre-emptive self-defense — long debated — requires a demonstrably imminent
Since being re-elected, US President Donald Trump has consistently taken concrete action to counter China and to safeguard the interests of the US and other democratic nations. The attacks on Iran, the earlier capture of deposed of Venezuelan president Nicolas Maduro and efforts to remove Chinese influence from the Panama Canal all demonstrate that, as tensions with Beijing intensify, Washington has adopted a hardline stance aimed at weakening its power. Iran and Venezuela are important allies and major oil suppliers of China, and the US has effectively decapitated both. The US has continuously strengthened its military presence in the Philippines. Japanese Prime
RSS