Government agencies last year reported 525 cybersecurity threats, nine of which were relatively severe, a report released by the Executive Yuan’s Department of Cyber Security showed.
Information security threats are classified into four severity levels, with level 1 indicating the least serious threat and level 4 the most serious.
Last year, there were 451 level 1 attacks and 65 level 2 attacks on government agencies, department data showed.
Nine level 3 attacks were also recorded, but nothing merited a level 4 classification.
The main types of threats were unauthorized access, Web page attacks, equipment issues and denial of service attacks, the department said.
Unauthorized access was the most common type, comprising 68.8 percent of all threats, it said, adding that the primary causes were vulnerabilities in third-party products, failure of hosts to automatically install updates and remote connection management issues.
Other cases involved ransomware attacks, malware attacks on security systems, latent malware on internal agency networks and systems built by contractors becoming a springboard for infiltration, the department added.
Web page attacks, or the improper control of permissions, file format restrictions and third-party updates targeted by hackers, comprised 6.7 percent of all reported threats, it said.
Threats were nearly evenly split between the central and local governments, with 49 percent of reports coming from federal agencies and 51 percent originating from local agencies, it added.
In its report, which was released late last month, the department recommended how to counter five categories of threats: personal information leaks, ransomware denial of service attacks, malware seeded due to non-updated firmware, persistent attacks designed to steal sensitive data and external supply chain hacks.
For example, in one of the level 3 threats, hackers extracted the login information of a firm handling equipment maintenance for a government agency, the report said.
They were then able to access other equipment within the agency and use ransomware to encrypt data, making normal operation impossible until the hackers released the system, it said.
Ransomware attacks have become a regular occurrence, the report said, adding that response measures hinge on shortening the recovery time.
Agencies should also be sure to patch vulnerabilities and update firmware, implement access controls on internal networks, create off-site backups and conduct regular response drills, it added.
In addition, government agencies should not use equipment or software created in China, the report said.
Starlux Airlines, Taiwan’s newest international carrier, has announced it would apply to join the Oneworld global airline alliance before the end of next year. In an investor conference on Monday, Starlux Airlines chief executive officer Glenn Chai (翟健華) said joining the alliance would help it access Taiwan. Chai said that if accepted, Starlux would work with other airlines in the alliance on flight schedules, passenger transits and frequent flyer programs. The Oneworld alliance has 13 members, including American Airlines, British Airways, Cathay Pacific and Qantas, and serves more than 900 destinations in 170 territories. Joining Oneworld would also help boost
A new tropical storm formed late yesterday near Guam and is to approach closest to Taiwan on Thursday, the Central Weather Administration (CWA) said. Tropical Storm Pulasan became the 14th named storm of the year at 9:25pm yesterday, the agency said. As of 8am today, it was near Guam traveling northwest at 21kph, it said. The storm’s structure is relatively loose and conditions for strengthening are limited, WeatherRisk analyst Wu Sheng-yu (吳聖宇) said on Facebook. Its path is likely to be similar to Typhoon Bebinca, which passed north of Taiwan over Japan’s Ryukyu Islands and made landfall in Shanghai this morning, he said. However, it
Taiwan's Gold Apollo Co (金阿波羅通信) said today that the pagers used in detonations in Lebanon the day before were not made by it, but by a company called BAC which has a license to use its brand. At least nine people were killed and nearly 3,000 wounded when pagers used by Hezbollah members detonated simultaneously across Lebanon yesterday. Images of destroyed pagers analyzed by Reuters showed a format and stickers on the back that were consistent with pagers made by Gold Apollo. A senior Lebanese security source told Reuters that Hezbollah had ordered 5,000 pagers from Taiwan-based Gold Apollo. "The product was not
COLD FACTS: ‘Snow skin’ mooncakes, made with a glutinous rice skin and kept at a low temperature, have relatively few calories compared with other mooncakes Traditional mooncakes are a typical treat for many Taiwanese in the lead-up to the Mid-Autumn Festival, but a Taipei-based dietitian has urged people not to eat more than one per day and not to have them every day due to their high fat and calorie content. As mooncakes contain a lot of oil and sugar, they can have negative health effects on older people and those with diabetes, said Lai Yu-han (賴俞含), a dietitian at Taipei Hospital of the Ministry of Health and Welfare. “The maximum you can have is one mooncake a day, and do not eat them every day,” Lai