Government agencies last year reported 525 cybersecurity threats, nine of which were relatively severe, a report released by the Executive Yuan’s Department of Cyber Security showed.
Information security threats are classified into four severity levels, with level 1 indicating the least serious threat and level 4 the most serious.
Last year, there were 451 level 1 attacks and 65 level 2 attacks on government agencies, department data showed.
Nine level 3 attacks were also recorded, but nothing merited a level 4 classification.
The main types of threats were unauthorized access, Web page attacks, equipment issues and denial of service attacks, the department said.
Unauthorized access was the most common type, comprising 68.8 percent of all threats, it said, adding that the primary causes were vulnerabilities in third-party products, failure of hosts to automatically install updates and remote connection management issues.
Other cases involved ransomware attacks, malware attacks on security systems, latent malware on internal agency networks and systems built by contractors becoming a springboard for infiltration, the department added.
Web page attacks, or the improper control of permissions, file format restrictions and third-party updates targeted by hackers, comprised 6.7 percent of all reported threats, it said.
Threats were nearly evenly split between the central and local governments, with 49 percent of reports coming from federal agencies and 51 percent originating from local agencies, it added.
In its report, which was released late last month, the department recommended how to counter five categories of threats: personal information leaks, ransomware denial of service attacks, malware seeded due to non-updated firmware, persistent attacks designed to steal sensitive data and external supply chain hacks.
For example, in one of the level 3 threats, hackers extracted the login information of a firm handling equipment maintenance for a government agency, the report said.
They were then able to access other equipment within the agency and use ransomware to encrypt data, making normal operation impossible until the hackers released the system, it said.
Ransomware attacks have become a regular occurrence, the report said, adding that response measures hinge on shortening the recovery time.
Agencies should also be sure to patch vulnerabilities and update firmware, implement access controls on internal networks, create off-site backups and conduct regular response drills, it added.
In addition, government agencies should not use equipment or software created in China, the report said.
A drunk woman was sexually assaulted inside a crowded concourse of Taipei Railway Station on Thursday last week before a foreign tourist notified police, leading to calls for better education on bystander intervention and review of security infrastructure. The man, surnamed Chiu (邱), was taken into custody on charges of sexual assault, taking advantage of the woman’s condition and public indecency. Police discovered that Chiu was a fugitive with prior convictions for vehicle theft. He has been taken into custody and is to complete his unserved six-month sentence, police said. On Thursday last week, Chiu was seen wearing a white
EVA Airways, one of the leading international carriers in Taiwan, yesterday said that it was investigating reports that a cabin crew manager had ignored the condition of a sick flight attendant, who died on Saturday. The airline made the statement in response to a post circulating on social media that said that the flight attendant on an outbound flight was feeling sick and notified the cabin crew manager. Although the flight attendant grew increasingly ill on the return flight, the manager did not contact Medlink — a system that connects the aircraft to doctors on the ground for treatment advice during medical
The Taoyuan Flight Attendants’ Union yesterday vowed to protest at the EVA Air Marathon on Sunday next week should EVA Airway Corp’s management continue to ignore the union’s petition to change rules on employees’ leave of absence system, after a flight attendant reportedly died after working on a long-haul flight while ill. The case has generated public discussion over whether taking personal or sick leave should affect a worker’s performance review. Several union members yesterday protested at the Legislative Yuan, holding white flowers and placards, while shouting: “Life is priceless; requesting leave is not a crime.” “The union is scheduled to meet with
‘UNITED FRONT’ RHETORIC: China’s TAO also plans to hold weekly, instead of biweekly, news conferences because it wants to control the cross-strait discourse, an expert said China’s plan to expand its single-entry visa-on-arrival service to Taiwanese would be of limited interest to Taiwanese and is a feeble attempt by Chinese administrators to demonstrate that they are doing something, the Mainland Affairs Council said yesterday. China’s Taiwan Affairs Office (TAO) spokesman Chen Binhua (陳斌華) said the program aims to facilitate travel to China for Taiwanese compatriots, regardless of whether they are arriving via direct flights or are entering mainland China through Hong Kong, Macau or other countries, and they would be able to apply for a single-entry visa-on-arrival at all eligible entry points in China. The policy aims
RSS