Network devices from several Chinese manufacturers are insecure and allow personal information to be leaked, testing commissioned by the Executive Yuan has shown.
A variety of devices and software, including apps, from Chinese, US and South Korean manufacturers that are used by government agencies at the central and local level were subjected to black-box testing — in which the functionality of an application is examined without knowing about its internal structure, an information-security official said yesterday on condition of anonymity.
The Telecom Technology Center conducted the tests, which simulated cyberattacks, to determine their resilience to the attacks, the official said.
The center said it would send the results of the tests to the manufacturers and retest the affected devices in two months, pending software updates.
The Chinese manufacturers included Xiaomi Corp (小米), Oppo Mobile Telecommunications Corp (歐珀), Hangzhou Hikvision Digital Technology Co (杭州海康威視數字技術) and Zhejiang Dahua Technology Co (浙江大華技術).
Information stored on some of the tested Chinese-made products was found to be insecure, the official said.
Of the software that failed to meet national requirements for information security, one app was from Oppo and seven were from Xiaomi, while software and devices from Samsung Electronics Co and Apple Inc passed all their tests, the official said.
Tests on devices from Hikvision and Dahua were aimed at testing the security of their system software, identity-recognition software, authorization mechanisms and their protection of personal information, the official said.
The monitoring software in Hikvision network camera model DFI 6257E and Dahua infrared camera model DH-IPC-HFW1230SN exhibited abnormal behavior, did not have alert functions and received a relatively low score of seven in version 3.1 of the Common Vulnerability Scoring System, which indicates security loopholes, the official said.
Both devices also used an insecure encryption system and an insufficiently complex verification system, and neither had shells designed to prevent dismantling, the official said.
The center also conducted tests on drones built by Shenzhen DJI Sciences and Technologies (深圳大疆創新科技有限公司), which supplies the drones used by Taiwan Water Corp (台灣自來水).
Tests on the company’s Mavic Pro, Mavic 2 Pro and Phantom 4 Pro V2.0 models showed signs of signal interference, which appeared in the devices’ logs, the official said.
They all had weak information-security mechanisms, among other problems, the official added.
VIGILANCE: While two of the cases are family members of a nurse, there is no sign of community spread and the source of infection is identifiable, the CECC said The Central Epidemic Command Center (CECC) yesterday reported four new domestic COVID-19 cases associated with a cluster infection at a Taoyuan hospital. Since the first case was identified on Tuesday last week, five healthcare workers — two doctors and three nurses — at the Ministry of Health and Welfare’s Taoyuan General Hospital have tested positive for the virus. Minister of Health and Welfare Chen Shih-chung (陳時中), who heads the center, said that two of the four new cases are the husband and daughter of a nurse (case No. 863) who had earlier been confirmed to have COVID-19. The husband (case No. 864)
INCURSION: After 13 PLA aircraft flew into Taiwan’s ADIZ, the US Department of State said that China should rather ‘engage in meaningful dialogue’ with Taiwan US President Joe Biden’s administration on Saturday urged China to stop placing military pressure on Taiwan, while calling on both sides of the Taiwan Strait to engage in peaceful dialogue. The statement by the US Department of State was issued after 13 Chinese military aircraft flew into Taiwan’s southwest air defense identification zone (ADIZ) on Saturday, the highest number observed in a single day this year, the Ministry of National Defense said. The air force scrambled fighter jets to monitor the Chinese aircraft, issuing radio warnings and mobilizing air defense assets until the planes left the ADIZ. The US “notes
CHANGE OF GUARD: Hsiao Bi-khim’s attendance at Joe Biden’s inauguration will come as a boost to those in Taiwan who feared that the new US administration would be less friendly than that of Donald Trump to the nation Representative to the US Hsiao Bi-khim (蕭美琴) is to attend US President Joe Biden’s swearing-in ceremony at the US Capitol after she was invited by the US Joint Congressional Committee on Inaugural Ceremonies, a news release issued by the Taipei Economic and Cultural Representative Office (TECRO) in the US said last night. The news came as a surprise as the Ministry of Foreign Affairs had been reticent about the matter, while Chinese Nationalist Party (KMT) members had accused the Democratic Progressive Party administration of hedging its bets on the Republican Party. Asked about when Hsiao received the invitation, the ministry did not
FAMILY UNIT: The CECC warned that the eldest sister of the latest case, who also has COVID-19, visited Taoyuan’s Chungping evening market on Tuesday and Wednesday The Central Epidemic Command Center (CECC) yesterday reported a domestic case of COVID-19, associated with a recent cluster infection at Taoyuan General Hospital, and two imported cases. Minister of Health and Welfare Chen Shih-chung (陳時中), who heads the center, said that the latest case (No. 885) is a woman in her 50s, who is the third daughter of case No. 881, a man in his 90s. The woman is the main caregiver of her elderly father, who had been hospitalized earlier this month and was treated by a nurse (case No. 852) from Monday to Thursday last week, he said, adding that