Government agencies last year reported 525 cybersecurity threats, nine of which were relatively severe, a report released by the Executive Yuan’s Department of Cyber Security showed.
Information security threats are classified into four severity levels, with level 1 indicating the least serious threat and level 4 the most serious.
Last year, there were 451 level 1 attacks and 65 level 2 attacks on government agencies, department data showed.
Nine level 3 attacks were also recorded, but nothing merited a level 4 classification.
The main types of threats were unauthorized access, Web page attacks, equipment issues and denial of service attacks, the department said.
Unauthorized access was the most common type, comprising 68.8 percent of all threats, it said, adding that the primary causes were vulnerabilities in third-party products, failure of hosts to automatically install updates and remote connection management issues.
Other cases involved ransomware attacks, malware attacks on security systems, latent malware on internal agency networks and systems built by contractors becoming a springboard for infiltration, the department added.
Web page attacks, or the improper control of permissions, file format restrictions and third-party updates targeted by hackers, comprised 6.7 percent of all reported threats, it said.
Threats were nearly evenly split between the central and local governments, with 49 percent of reports coming from federal agencies and 51 percent originating from local agencies, it added.
In its report, which was released late last month, the department recommended how to counter five categories of threats: personal information leaks, ransomware denial of service attacks, malware seeded due to non-updated firmware, persistent attacks designed to steal sensitive data and external supply chain hacks.
For example, in one of the level 3 threats, hackers extracted the login information of a firm handling equipment maintenance for a government agency, the report said.
They were then able to access other equipment within the agency and use ransomware to encrypt data, making normal operation impossible until the hackers released the system, it said.
Ransomware attacks have become a regular occurrence, the report said, adding that response measures hinge on shortening the recovery time.
Agencies should also be sure to patch vulnerabilities and update firmware, implement access controls on internal networks, create off-site backups and conduct regular response drills, it added.
In addition, government agencies should not use equipment or software created in China, the report said.
BY OTHER MEANS: China could see CPTPP membership as a means of circumventing trade restrictions imposed by the US, amid an ongoing trade dispute between them The US could invoke a clause in its trade agreement with Canada and Mexico to block China’s application to join the Comprehensive and Progressive Agreement for Trans-Pacific Partnership (CPTPP), a government official said yesterday. Under Article 32.10 of the Exceptions and General Provisions of the United States-Mexico-Canada Agreement (USMCA), if either Canada or Mexico enter a free-trade agreement with a nonmarket economy — such as China — the US could withdraw from the agreement. “If that clause applies to multilateral free-trade agreements such as the CPTPP — which Mexico and Canada are members of — that might be cause for the two
National Taiwan University Hospital’s (NTUH) Ethical Review Committee on Tuesday approved the hospital’s application to conduct human trials of mixed Moderna and Medigen COVID-19 vaccines. The hospital yesterday said that 220 volunteers aged 20 to 70 who have received one dose of a Moderna vaccine eight to 12 weeks ago are to be enrolled in the program. The volunteers are to be separated into two groups — a treatment group and a control group — and a double-blind study would be conducted, assigning Medigen or Moderna vaccines to the groups on a random basis, it said. The trial is expected to start
AT ODDS: The KMT called on the government to seek bilateral dialogue with Beijing to resolve the issue that led to the ban on custard apple and wax apple imports Democratic Progressive Party (DPP) officials and lawmakers yesterday condemned China’s sudden ban on imports of custard apples and wax apples from Taiwan as “obvious political retaliation,” while the opposition called for a scientific investigation into Beijing’s claim to have found pests in imports of the fruits. China earlier yesterday announced a ban on the importation of the two fruits from today, citing repeated discoveries of Planococcus minor, a type of mealybug. The announcement follows a similar ban on Taiwanese pineapples imposed in February. At least Beijing gave a few days’ notice when it banned pineapple imports, an unnamed government official said yesterday. This time
TAIWAN TIES: The foreign ministry said like-minded nations continue to express support for Taiwan’s ties with Lithuania, highlighting a letter by Slovenia’s PM US Secretary of State Antony Blinken on Wednesday saluted Lithuania’s championing of democracy in Taiwan and Belarus. Lithuania in July agreed to let Taiwan open a representative office using its own name, prompting a pressure campaign by China. “We stand against economic coercion, including that being exerted by China,” Blinken said as he welcomed Lithuanian Minister of Foreign Affairs Gabrielius Landsbergis in Washington. “We stand strongly for democracy, including in Belarus, where we’re very much working together,” Blinken said. Landsbergis told reporters afterward that he and Blinken discussed “economic, financial, political measures” that can be taken to withstand Chinese pressure. “We discussed various possible measures