News Roundup: March 1-22, 2024
Bite-sized news and updates on the latest in Taiwan cybersecurity
TeamT5 Provides Valuable Insights on the Cyber Threats from Taiwan’s 2024 Presidential Election
March 3, 2024
The 2024 Presidential Election in Taiwan marked a significant moment in the global electoral landscape, kicking off a year of democratic exercises across numerous countries. While the election proceeded smoothly, TeamT5 underscores the persistent threat of state-sponsored cyberattacks, particularly from China-linked actors. In their whitepaper, TeamT5 examines the tactics employed by these actors, emphasizing the need for ongoing vigilance and adaptive cybersecurity strategies. Highlighting the evolving nature of cyber threats, the whitepaper aims to equip democracies worldwide with actionable insights to fortify their electoral integrity against sophisticated cyber threats.1
Lithuania Warns about China's Escalating Espionage and the Taiwan Factor
March 7, 2024
Lithuania has sounded the alarm on China's heightened espionage endeavors, particularly targeting individuals with access to sensitive information and networks in the wake of Lithuania's establishment of the Taiwanese Representative Office. Chinese intelligence services, faced with diplomatic setbacks, are intensifying efforts to recruit local spies and leverage cyber tools to gather intelligence on internal affairs and foreign policy. This surge in activity underscores China's strategic interest in disrupting diplomatic alliances supportive of Taiwan, with implications extending beyond Lithuania's borders. The report also highlights the evolving tactics of Chinese intelligence, including social network infiltration and cyber-espionage campaigns, posing significant challenges to Lithuania's cybersecurity landscape and geopolitical stability.2
ESET Research Discovers: Evasive Panda Strikes — Unveiling a Global Cyberespionage Campaign Targeting Tibetans, Including Taiwan
March 7, 2024
ESET researchers unveiled a sophisticated cyberespionage campaign orchestrated by the China-aligned Evasive Panda APT group, targeting Tibetans globally through strategic web compromises and supply-chain attacks. Leveraging the Monlam Festival, a religious event, as a guise, the attackers infiltrated the website of the Kagyu International Monlam Trust and a Tibetan news website, deploying trojanized Tibetan language translation software to compromise users' systems. The campaign, operational since at least September 2023, utilized malicious downloaders and the newly identified Nightdoor backdoor to infiltrate networks in India, Taiwan, Hong Kong, Australia, and the United States, including Georgia Tech. With a history of targeting individuals and government entities across China and Southeast Asia, Evasive Panda employs custom malware frameworks and adversary-in-the-middle attacks to carry out its espionage activities, posing a significant threat to global cybersecurity, with Taiwan being one of the key targets.3
‘Acer Philippines’ Data Breach Exposes Employee Data
March 13, 2024
Acer Philippines, a subsidiary of the Taiwanese multinational company Acer Inc., recently disclosed a data breach stemming from an attack on a third-party vendor managing employee attendance data. The breach, orchestrated by threat actor ph1ns, led to the leak of employee data on a hacking forum. While Acer confirmed that only a limited number of employees were affected and no customer data compromised, the incident underscores the global reach of cyber threats and the importance of robust cybersecurity measures. Acer is actively investigating the breach with cybersecurity experts and has notified relevant authorities, demonstrating a proactive approach to addressing the breach and safeguarding sensitive information.4
Read about Chunghwa Telecom’s Data Breach.
Google Makes Big Investment into AI and Cybersecurity Innovation in Taiwan
March 15, 2024
Google's recent announcement regarding the expansion of its AI talent cultivation program in Taiwan signifies a pivotal move with far-reaching implications for the country's cybersecurity landscape. Beyond simply enhancing literacy and empowering developers, Google's initiatives underscore a strategic commitment to fostering innovation while concurrently addressing the pressing need for robust cybersecurity measures. By equipping educators and developers with AI tools and knowledge, Google not only cultivates a digitally fluent generation but also bolsters Taiwan's resilience against emerging cyber threats. Furthermore, Google's investment in expanding its operational footprint in the region, coupled with initiatives like the Apricot subsea cable program, positions Taiwan as a key node in the global digital economy while fortifying its cybersecurity infrastructure against evolving challenges.56
Paraguay’s Minister of Information Explores Taiwan's Cybersecurity Expertise
March 17, 2024
During a five-day visit to Taiwan, Paraguayan Minister of Information and Communication Technologies, Gustavo Emigdio Villate Samaniego, is set to delve into the nation's cybersecurity advancements. Invited by Taiwan's Ministry of Foreign Affairs (MOFA), Villate's delegation will tour key institutions, including the Administration for Cyber Security and the National Institute for Cyber Security. This diplomatic engagement highlights Taiwan's commitment to sharing expertise in cybersecurity with strategic partners like Paraguay, fostering international collaboration in combating cyber threats and enhancing digital resilience.7
[Black Hat Asia 2024] TeamT5 Will Give a Talk on “Chinese APT: A Master of Exploiting Edge Devices”
March 18, 2024
At Black Hat Asia 2024, Greg Chen, Charles Li, and Che Chang from TeamT5 will address the escalating cyber threats posed by Chinese Advanced Persistent Threat (APT) actors targeting Taiwan through the exploitation of edge devices. Bound by the COVID-19 pandemic, these actors have utilized sophisticated techniques to compromise edge devices, including firewalls, VPNs, and IoT devices, to establish botnets, disseminate disinformation, and extract sensitive data. The presentation will unveil recent zero-day exploits on surveillance routers and showcase case studies of edge device abuse, offering insights into mitigation strategies against such attacks. This session underscores the critical importance of bolstering cybersecurity defenses, particularly in the face of evolving threats to digital infrastructure.8
Taiwan Global Institute Publishes Article on Addressing Escalating Cyber Threats to Taiwan
March 20, 2024
The Taiwan Global Institute in their Global Taiwan Brief Vol. 9, Issue 6, published an article by PhD candidate, Enescan Lorci, titled, “The Nexus of Cybersecurity and National Security: Taiwan’s Imperatives Amidst Escalating Cyber Threats”. It explores Taiwan's response to increasing cyber threats, particularly from China. It discusses the surge in cyberattacks targeting various sectors in Taiwan, including government entities and financial institutions, outlining the strategic objectives behind these attacks. The article highlights Taiwan's proactive measures, such as the National Cyber Security Strategy (NCSS) and the establishment of cybersecurity-oriented government agencies under President Tsai's administration. Lorci emphasizes the importance of enhancing international collaboration, public awareness, and cyber capabilities to fortify Taiwan's national security against evolving cyber threats.9
Devcore Shines: Highlights from ‘Day 1’ Pwn2Own Vancouver 2024
March 20, 2024
Pwn2Own Vancouver 2024, one of the most renowned computer hacking contests in the world, organized by Zero Day Initiative, concluded its first day with impressive performances. Among the standout participants was the Devcore team, whose expertise in identifying and exploiting vulnerabilities was on full display. Successfully executing a Local Privilege Escalation (LPE) attack against Windows 11, the team earned $30,000 and 3 Master of Pwn points. Despite encountering a bug collision during a similar attempt on Ubuntu Linux, where the exploited bug was previously known, Devcore still secured $10,000 and 1 Master of Pwn points. These achievements underscore Devcore's formidable presence and technical prowess in the cybersecurity arena, solidifying their reputation as a force to be reckoned with.10
APrIGF 2024 Explores Responsible Internet Governance
March 21, 2024
The Asia Pacific Regional Internet Governance Forum (APrIGF) 2024 convenes to tackle pressing issues in cyber governance, emphasizing the region's evolving internet landscape and persistent challenges. As internet connectivity and usage expand, stakeholders prioritize inclusivity, safety, security, affordability, and digital rights. Core internet principles of openness and accessibility guide discussions, which center on security, trust, resilience, and ethical governance of emerging technologies. Participants explore strategies to foster responsible online governance, address security risks, safeguard data privacy, ensure information integrity, and enhance online safety. Collaborative efforts aim to strengthen digital infrastructure, promote continuity, and uphold ethical standards amid technological advancements. APrIGF 2024 serves as a platform for dialogue and action to shape the future of internet governance in the Asia-Pacific region.11
CyberSec Taiwan
About CyberSec Taiwan
Your source for the latest news and analysis on Taiwan-centric cybersecurity.
https://teamt5.org/en/posts/whitepaper-cyber-threats-against-taiwan-s-2024-presidential-election/
https://therecord.media/lithuania-warns-china-cyber-espionage-increase
https://www.eset.com/int/about/newsroom/press-releases/research/china-aligned-evasive-panda-leverages-religious-festival-to-target-and-spy-on-tibetans-eset-research-discovers-1/
https://cybersafe.news/acer-philippines-reports-data-breach-in-third-party-vendor-hack/
https://www.digitimes.com/news/a20240314PD209/google-taiwan-ai-talent-cybersecurity.html
https://www.msn.com/en-us/news/technology/what-opportunities-does-google-s-ai-expansion-offer-taiwan/ar-BB1jRcYG
https://focustaiwan.tw/politics/202403170003
https://teamt5.org/en/posts/black-hat-asia-2024/
https://globaltaiwan.org/2024/03/the-nexus-of-cybersecurity-and-national-security-taiwans-imperatives-amidst-escalating-cyber-threats/
https://www.zerodayinitiative.com/blog/2024/3/20/pwn2own-vancouver-2024-day-one-results
https://blog.twnic.tw/2024/03/21/29915/