Government agencies have weak encryption methods, inadequate screening against injection attacks and experience broken access controls, according to the latest report published by the Ministry of Digital Affairs’ (MODA) Administration for Cyber Security.
Each year, the agency selects one government Web site that is publicly accessible for a live security exercise. After the exercise, it compiles a report detailing the information security risks found.
There were 83,105 thwarted cyberattack incidents last month, down 13,070 compared with the previous month, the report said.
Photo: Reuters
The top threats were information gathering probes, comprising 52 percent of attacks, invasive attacks at 21 percent and attempts at system invasion at 16 percent, according to the report.
Hackers have used third-party e-mail services to bombard certain government agencies with phishing e-mails containing files that read like petitions, with the malware creating backdoors for hackers and allowing them access to sensitive information, it said.
Forty information security incidents were reported last month, down 13 from the previous month, the report said.
About 47.5 percent of incidents were caused by agency equipment connecting to rogue relay stations, users downloading malware using agency networks, or connections to applications that would steal data or insert malware, it said.
Only a portion of government agency employees are screening sensitive data by converting the files using built-in masking functions from PDF software, it added.
The Administration for Cyber Security said such efforts are easily cracked, and users should “scrub” their files before converting them to an image file.
The report said government Web sites exhibited a weakness against injection attacks and posed a possible breakthrough point for hackers.
Government agencies should identify and remove such vulnerabilities, the report said, adding that special characters should be included in a filter list to prevent injection attacks.
Injection attacks are instances where hackers manipulate vulnerabilities in coding to inject malware or trick systems into allowing them to access data that should not be available to ordinary users.
Government Web sites are vulnerable to broken access controls, allowing some users to access files previously inaccessible via path traversal attacks, the report said.
Government agencies must implement access controls for files and data, and ensure that users cannot access files via path traversal attacks, which use an affected application to access files and system folders higher in the directory hierarchy than the Web root folder on the server, it said.
Eight restaurants in Taiwan yesterday secured a one-star rating from the Michelin Guide Taiwan for the first time, while three one-star restaurants from last year’s edition were promoted to two stars. Forty-three restaurants were awarded one star this year, including 34 in Taipei, five in Taichung and four in Kaohsiung. Hosu (好嶼), Chuan Ya (川雅), Sushi Kajin (鮨嘉仁), aMaze (心宴), La Vie by Thomas Buhner, Yuan Yi (元一) and Frassi in Taipei and Front House (方蒔) in Kaohsiung received a one-star rating for the first time. Hosu is known for innovative Taiwanese dishes, while Chuan Ya serves Sichuan cuisine and aMaze specializes
Taitung County is to launch charter flights to Malaysia at the end of this year, after setting up flights to Vietnam and Thailand, the Taitung County Government said yesterday. The new charter flight services, provided by low-cost carrier Batik Air Malaysia, would be part of five-day tour packages for visits to Taitung County or Malaysia. The Batik Air charter flight, with about 200 seats, would take Malaysian tourists to Taitung on Dec. 30 and then at 12:35pm return to Kuala Lumpur with Taiwanese tourists. Another charter flight would bring the Taiwanese home on Jan. 3 next year, arriving at 5:30pm, before taking the
Taiwan High Speed Rail Corp. (THSRC) plans to ease strained capacity during peak hours by introducing new fare rules restricting passengers traveling without reserved seats in 2026, company Chairman Shih Che (史哲) said Wednesday. THSRC needs to tackle its capacity issue because there have been several occasions where passengers holding tickets with reserved seats did not make it onto their train in stations packed with individuals traveling without a reserved seat, Shih told reporters in a joint interview in Taipei. Non-reserved seats allow travelers maximum flexibility, but it has led to issues relating to quality of service and safety concerns, especially during
STATS: Taiwan’s average life expectancy of 80.77 years was lower than that of Japan, Singapore and South Korea, but higher than in China, Malaysia and Indonesia Taiwan’s average life expectancy last year increased to 80.77 years, but was still not back to its pre-COVID-19 pandemic peak of 81.32 years in 2020, the Ministry of the Interior said yesterday. The average life expectancy last year increased the 0.54 years from 2023, the ministry said in a statement. For men and women, the average life expectancy last year was 77.42 years and 84.30 years respectively, up 0.48 years and 0.56 years from the previous year. Taiwan’s average life expectancy peaked at 81.32 years in 2020, as the nation was relatively unaffected by the pandemic that year. The metric
RSS