Government agencies last year reported 525 cybersecurity threats, nine of which were relatively severe, a report released by the Executive Yuan’s Department of Cyber Security showed.
Information security threats are classified into four severity levels, with level 1 indicating the least serious threat and level 4 the most serious.
Last year, there were 451 level 1 attacks and 65 level 2 attacks on government agencies, department data showed.
Nine level 3 attacks were also recorded, but nothing merited a level 4 classification.
The main types of threats were unauthorized access, Web page attacks, equipment issues and denial of service attacks, the department said.
Unauthorized access was the most common type, comprising 68.8 percent of all threats, it said, adding that the primary causes were vulnerabilities in third-party products, failure of hosts to automatically install updates and remote connection management issues.
Other cases involved ransomware attacks, malware attacks on security systems, latent malware on internal agency networks and systems built by contractors becoming a springboard for infiltration, the department added.
Web page attacks, or the improper control of permissions, file format restrictions and third-party updates targeted by hackers, comprised 6.7 percent of all reported threats, it said.
Threats were nearly evenly split between the central and local governments, with 49 percent of reports coming from federal agencies and 51 percent originating from local agencies, it added.
In its report, which was released late last month, the department recommended how to counter five categories of threats: personal information leaks, ransomware denial of service attacks, malware seeded due to non-updated firmware, persistent attacks designed to steal sensitive data and external supply chain hacks.
For example, in one of the level 3 threats, hackers extracted the login information of a firm handling equipment maintenance for a government agency, the report said.
They were then able to access other equipment within the agency and use ransomware to encrypt data, making normal operation impossible until the hackers released the system, it said.
Ransomware attacks have become a regular occurrence, the report said, adding that response measures hinge on shortening the recovery time.
Agencies should also be sure to patch vulnerabilities and update firmware, implement access controls on internal networks, create off-site backups and conduct regular response drills, it added.
In addition, government agencies should not use equipment or software created in China, the report said.
Taiwan has received more than US$70 million in royalties as of the end of last year from developing the F-16V jet as countries worldwide purchase or upgrade to this popular model, government and military officials said on Saturday. Taiwan funded the development of the F-16V jet and ended up the sole investor as other countries withdrew from the program. Now the F-16V is increasingly popular and countries must pay Taiwan a percentage in royalties when they purchase new F-16V aircraft or upgrade older F-16 models. The next five years are expected to be the peak for these royalties, with Taiwan potentially earning
STAY IN YOUR LANE: As the US and Israel attack Iran, the ministry has warned China not to overstep by including Taiwanese citizens in its evacuation orders The Ministry of Foreign Affairs (MOFA) yesterday rebuked a statement by China’s embassy in Israel that it would evacuate Taiwanese holders of Chinese travel documents from Israel amid the latter’s escalating conflict with Iran. Tensions have risen across the Middle East in the wake of US and Israeli airstrikes on Iran beginning Saturday. China subsequently issued an evacuation notice for its citizens. In a news release, the Chinese embassy in Israel said holders of “Taiwan compatriot permits (台胞證)” issued to Taiwanese nationals by Chinese authorities for travel to China — could register for evacuation to Egypt. In Taipei, the ministry yesterday said Taiwan
Taiwan is awaiting official notification from the US regarding the status of the Agreement on Reciprocal Trade (ART) after the US Supreme Court ruled US President Donald Trump's global tariffs unconstitutional. Speaking to reporters before a legislative hearing today, Premier Cho Jung-tai (卓榮泰) said that Taiwan's negotiation team remains focused on ensuring that the bilateral trade deal remains intact despite the legal challenge to Trump's tariff policy. "The US has pledged to notify its trade partners once the subsequent administrative and legal processes are finalized, and that certainly includes Taiwan," Cho said when asked about opposition parties’ doubts that the ART was
If China chose to invade Taiwan tomorrow, it would only have to sever three undersea fiber-optic cable clusters to cause a data blackout, Jason Hsu (許毓仁), a senior fellow at the Hudson Institute and former Chinese Nationalist Party (KMT) legislator, told a US security panel yesterday. In a Taiwan contingency, cable disruption would be one of the earliest preinvasion actions and the signal that escalation had begun, he said, adding that Taiwan’s current cable repair capabilities are insufficient. The US-China Economic and Security Review Commission (USCC) yesterday held a hearing on US-China Competition Under the Sea, with Hsu speaking on
RSS