Cyberattacks originating in China that targeted Taiwan’s critical energy infrastructure increased 10-fold last year, the National Security Bureau said on Sunday last week, underscoring the growing cyberthreat facing the nation’s essential services.
China’s cyberforces attempted an average of 2.63 million intrusions per day against Taiwan’s critical infrastructure, with forays into the energy sector rising 1,000 percent from 2024, and those targeting emergency rescue services and hospitals up 54 percent, the bureau said in a report.
It identified four primary tactics: exploitation of hardware and software vulnerabilities, distributed denial-of-service attacks, social engineering and supply chain infiltration. Chinese hackers have exploited weaknesses in information and communications technology equipment produced by international suppliers or incorporated through government procurement joint supply contracts, vulnerabilities that often remain undetected until systems are fully deployed.
Social engineering remains a particularly effective tactic. Hackers frequently pose as business contacts or trusted partners, sending phishing e-mails designed to trick targets into clicking malicious links or opening infected attachments. More sophisticated operations involve coercing or recruiting people with legitimate system access by exploiting financial vulnerabilities or personal secrets.
To counter the threats, the bureau said that it has held information security dialogues and technical conferences with counterparts in more than 30 countries, while continuing to work closely with international partners to improve threat intelligence sharing and early warning capabilities.
Given what is known about the methods, many attacks could be mitigated through relatively straightforward defense measures. Mandatory cybersecurity training would help employees recognize social engineering attempts, while confidential reporting mechanisms can allow those facing coercion to seek help without fear of reprisal. Risk can also be reduced through greater compartmentalization of systems and data, limiting access privileges so that breaches have minimal effect.
Addressing hardware and software vulnerabilities is more challenging. Facilities designated as part of Taiwan’s critical infrastructure should be required to register their hardware and information systems with the National Institute of Cyber Security, which would enable authorities to track security updates and issue warnings when equipment must be patched, isolated or removed.
Questions are often asked about why hospitals and clinics need to be connected to the Internet given the cyberrisks involved. However, modern healthcare depends on digital connectivity. Medical imaging is frequently sent to offsite specialists for diagnosis and patients commonly receive care across multiple facilities that must share records in real time. Disconnecting hospitals from the Internet would delay treatment and increase the risk of medical errors.
Moreover, keeping hospitals offline would not guarantee security. Modern medical equipment requires regular software updates and can be compromised regardless of how updates are delivered. Many diagnostic systems rely on artificial intelligence, which is typically processed offsite, while telemedicine has become essential for patients in remote or underserved areas. Hospitals also depend on online systems for ordering medicines and supplies, managing blood banks and organ transplant logistics, and handling billing, insurance and regulatory compliance.
Despite the constraints, healthcare institutions could significantly reduce risk through network segmentation, separating clinical devices from administrative and Internet-facing systems. Strict access controls and zero-trust architecture — under which no device or user is automatically trusted — can improve defenses, alongside limiting Internet access, whitelisting vendor connections and implementing one-way data flows where feasible.
Taiwan faces an unusually high volume of cyberattacks compared with other developed economies, but it provides an opportunity to properly test defensive technologies and train people to be aware of the risks. The government should deepen international cooperation by inviting foreign experts to study Chinese cyberoperations firsthand and jointly develop countermeasures.
While cyberthreats continue to escalate, defensive technologies are advancing in parallel and public awareness of malicious activity is improving. Taiwan’s precarious geopolitical position makes it a frequent target, but it also presents a unique opportunity to be a global leader in cybersecurity. To do so, the government must continue investing in workforce training, supply chain security and international collaboration to safeguard the systems that underpin modern society.
Jan. 1 marks a decade since China repealed its one-child policy. Just 10 days before, Peng Peiyun (彭珮雲), who long oversaw the often-brutal enforcement of China’s family-planning rules, died at the age of 96, having never been held accountable for her actions. Obituaries praised Peng for being “reform-minded,” even though, in practice, she only perpetuated an utterly inhumane policy, whose consequences have barely begun to materialize. It was Vice Premier Chen Muhua (陳慕華) who first proposed the one-child policy in 1979, with the endorsement of China’s then-top leaders, Chen Yun (陳雲) and Deng Xiaoping (鄧小平), as a means of avoiding the
The last foreign delegation Nicolas Maduro met before he went to bed Friday night (January 2) was led by China’s top Latin America diplomat. “I had a pleasant meeting with Qiu Xiaoqi (邱小琪), Special Envoy of President Xi Jinping (習近平),” Venezuela’s soon-to-be ex-president tweeted on Telegram, “and we reaffirmed our commitment to the strategic relationship that is progressing and strengthening in various areas for building a multipolar world of development and peace.” Judging by how minutely the Central Intelligence Agency was monitoring Maduro’s every move on Friday, President Trump himself was certainly aware of Maduro’s felicitations to his Chinese guest. Just
A recent piece of international news has drawn surprisingly little attention, yet it deserves far closer scrutiny. German industrial heavyweight Siemens Mobility has reportedly outmaneuvered long-entrenched Chinese competitors in Southeast Asian infrastructure to secure a strategic partnership with Vietnam’s largest private conglomerate, Vingroup. The agreement positions Siemens to participate in the construction of a high-speed rail link between Hanoi and Ha Long Bay. German media were blunt in their assessment: This was not merely a commercial win, but has symbolic significance in “reshaping geopolitical influence.” At first glance, this might look like a routine outcome of corporate bidding. However, placed in
China often describes itself as the natural leader of the global south: a power that respects sovereignty, rejects coercion and offers developing countries an alternative to Western pressure. For years, Venezuela was held up — implicitly and sometimes explicitly — as proof that this model worked. Today, Venezuela is exposing the limits of that claim. Beijing’s response to the latest crisis in Venezuela has been striking not only for its content, but for its tone. Chinese officials have abandoned their usual restrained diplomatic phrasing and adopted language that is unusually direct by Beijing’s standards. The Chinese Ministry of Foreign Affairs described the
RSS