Menu Close

Cyber attacks on Taiwan: China caught in its own tangle

Amid rising pressure between China and Taiwan, US House of Representatives Speaker Nancy Pelosi’s go to on Tuesday fueled Chinese aggression. Before Pelosi’s go to, Taiwan’s authorities web sites confronted DDoS (Distributed Denial of Secrets) assault by hackers believed to be from China. During a DDoS assault, enormous web visitors is shipped to the goal server to cease the service.

Taiwan Presidential Palace spokesperson Chang Tun-Han acknowledged this and stated in a Facebook publish that the official web site of the Presidential Palace was attacked by an abroad DDoS assault, and the assault visitors was 200 occasions that of regular visitors.

In a press release, the overseas ministry stated that web sites had been hit with as much as 8.5 million visitors requests a minute from a “large number of IPs from China, Russia and other places, according to Reuters.

“Before Pelosi arrived, electronic bulletin boards in the Taiwan Railways Administration’s Sinzuoying Station and in some 7-Eleven convenience stores were hacked as well, showing messages in simplified Chinese characters asking Pelosi to leave Taiwan,” reported by Taipei Times.

Defaced screen at a convenience store in Taiwan.

The report further stated, “National Communications Commission Chairman Chen Yaw-shyang () on Wednesday told a news conference at the Executive Yuan that the bulletin boards in the convenience stores were easily hacked because they use Chinese software, which could contain Trojan malware and make them targets of cyberattacks.”

READ | Decoding Chinese chatter on Pelosi’s Taiwan visit

CHINESE CYBER ATTACKS

A report published by a Taiwanese security firm, CyCraft, attributed previous cyber attacks on financial institutions to disrupting the economic growth of Taiwan and stated that this intrusion is tracked under the code name of Operation Cache Panda to hacking group APT10.

This Chinese cyber-espionage group known in the cyber security industry as APT10 also acted in association with the Chinese state department in several hacking operations.

According to the US Department of Justice, “The APT10 Group targeted a diverse array of commercial activity, industries and technologies, including aviation, satellite and maritime technology, industrial factory automation, automotive supplies, laboratory instruments, banking and finance, telecommunications and consumer electronics, computer processor technology, information technology services, packaging, consulting, medical equipment, healthcare, biotechnology, pharmaceutical manufacturing, mining, and oil and gas exploration and production. Among other things, Zhu and Zhang registered IT infrastructure that the APT10 Group used for its intrusions and engaged in illegal hacking operations.”

According to Reuters, “In 2020, Chinese hacking group Blacktech linked to the Chinese government had attacked at least 10 government agencies and 6,000 email accounts of government officials in an “infiltration” to steal important data.

In November 2021, Taiwanese government representatives revealed that around five million cyber-attacks hit Taiwan’s government agencies every day, and most of the hacking attempts are originated from China.

READ | Will China use Pelosi’s visit to change status quo with Taiwan?

CONNECTION BETWEEN APT10 AND BLACKTECH

A report published by a Japanese cyber security researcher successfully identified the malware used by APT10 and Blacktech in different operations, which are “SodaMaster and TScookie”.

The identified common features between SodaMaster and TSCokkie are username, computer name and current process ID. This demonstrates the possibility of the one entity operating APT10 and Blacktech hacking group.

Source code of Malwares (Source: kasperskydaily)

RETALIATION OF HACKTIVISTS AGAINST CHINA

The well-known hacking group “Anonymous”, known for its hacking campaigns against aggressive states, defaced Chinese government websites in vengeance for alleged cyber attacks on Taiwanese government websites.

China’s Heilongjiang Society Scientific Community Federation website was defaced by the anonymous collective @DepaixPorteur. The hacker defaced the website with the image of US House Speaker Nancy Pelosi and Taiwan’s President Tsai Ing-wen with the note “Taiwan Numbah Wan!” And “Taiwan welcomes US House Speaker Nancy Pelosi!”

Hacker also wrote, “There is one China, but Taiwan is the real China, while yours is only an imitation straight out of wish.com.”

A screenshot of the message posted on the web site of China’s Heilongjiang Society Scientific Community Federation

Screenshot of the net archive of the defaced web page

Taiwan’s President Tsai Ing-wen sees the island as a sovereign nation, not part of China; Taipei has accused Beijing of ramping up cyber attacks since 2016 after the Presidential election.

READ | India can also play ‘Taiwan card’ if China misbehaves: Shashi Tharoor on Pelosi’s go to

READ | Pelosi in Taiwan: A US-China wrestling match to determine the brand new huge boss

— ENDS —