News Roundup: March 2025
Strategic perspective on the threats, trends, and policies shaping Taiwan’s cybersecurity landscape
Taiwan Expands Pipeline for Female Cybersecurity Talent
Taiwan’s National Science and Technology Council (NSTC) is advancing gender equity in cybersecurity by launching targeted initiatives to cultivate young female talent in the field. Through scholarships, mentorship, and competitions, the NSTC aims to increase women’s participation in national cybersecurity efforts, helping to address talent shortages while building a more inclusive cyber workforce. This initiative reflects a broader, ongoing effort by Taiwan to engage women in digital defense, following earlier projects like the 2021 “Girls in Cyber Security” hackathon in Tainan, which brought together high school and college students to develop hands-on technical skills source. With the cybersecurity sector under mounting pressure from increasingly complex threats, these programs demonstrate a proactive approach to strengthening Taiwan’s human capital pipeline.
Policy Recommendation: The Ministry of Digital Affairs (MODA) should collaborate with NSTC to formalize a national women-in-cyber network, anchored in internships, research funding, and mentorship opportunities. This effort should be folded into the Administration for Cyber Security’s blueprint for cybersecurity education and training, and ultimately integrated into a broader, government-wide cybersecurity workforce development plan that prioritizes both capability and inclusivity. A long-term evaluation framework should also be implemented to measure the program’s impact on Taiwan’s cyber workforce diversity and resilience
CyCraft Addresses Cybersecurity Workforce Gaps in Taiwan
With cybersecurity talent shortages posing long-term risks to national resilience, CyCraft has launched intensive training programs to rapidly upskill local professionals in advanced threat detection and incident response. The company’s strategy includes integrating AI tools into its training environment to bridge skill gaps and increase real-world readiness. Taiwan’s growing digital economy and high exposure to state-sponsored cyberattacks demand precisely this type of agile workforce development.
Policy Recommendation: The Ministry of Labor and the NSTC should subsidize specialized cybersecurity certification tracks in partnership with firms like CyCraft and TeamT5. A tiered funding model based on performance metrics can help scale these programs nationally, ensuring rural and underserved regions are not left out of Taiwan’s security ecosystem.
Taiwan is Securing its Drone Ecosystem Against Emerging Cyber Threats
Taiwan’s strategic push to establish a democratic drone supply chain brings renewed urgency to address the cybersecurity vulnerabilities of unmanned aerial systems. The government’s new five-point strategy aims to build a secure and resilient drone industry through increased procurement, global partnerships, and cybersecurity certification for domestic manufacturers. This effort is particularly important as drones become dual-use technologies in both civil and military sectors. However, as satellite-linked drones and aviation systems become more interconnected, Taiwan must prepare for the growing spectrum of cyberattacks targeting space and airborne platforms, as highlighted by recent reports on space-based threats. Integrating cybersecurity into drone design and deployment is essential to protect critical surveillance and communication capabilities.
Policy Recommendation: Taiwan should embed aviation and drone cybersecurity into its national cyber defense strategy through red-team testing of UAV command and control systems, mandatory threat modeling during drone R&D, and inclusion of secure-by-design criteria in procurement. The Administration for Cyber Security under MODA should coordinate with the Ministry of National Defense and Ministry of Economic Affairs to ensure cybersecurity certifications for drones are continuously updated and benchmarked against evolving international standards such as those from the US National Institute of Standards and Technology (NIST) and the European Union Agency for Cybersecurity (ENISA).
Read more about Defending Taiwan’s Drones.
Taiwan to Build Its Own AI Translation Tools
Following high-profile translation inaccuracies involving foreign leaders, Taiwanese experts and officials are advocating for the development of domestic AI translation systems tailored to Taiwan's unique linguistic and political context. The push stems from growing concern over reliance on foreign AI translation platforms that may embed geopolitical biases or fail to recognize Taiwan’s formal designations. As Taiwan expands its engagement in multilingual diplomacy and international cybersecurity collaboration, sovereignty-aware language tools will be key to ensuring clarity and control over strategic communications.
Policy Recommendation: Taiwan should prioritize funding for public-private R&D partnerships through its National Science and Technology Council (NSTC) to accelerate the development of open source, Taiwan-centric AI language models. This effort can be coordinated with academic institutions such as Academia Sinica and the Taiwan AI Academy to ensure robustness, multilingual capabilities, and transparency.
Hospital Investigates Massive Medical Document Leak
In one of the most significant healthcare data breaches Taiwan has faced, Mackay Memorial Hospital confirmed a ransomware attack in February 2025 that compromised 32.5GB of data from an estimated 16.6 million patients across its network. The ransomware, identified as “Crazy Hunter,” forced over 500 computers offline, with hackers later claiming to sell the data on illicit forums. The breach exposed major systemic vulnerabilities in hospital cybersecurity infrastructure, especially in facilities dependent on legacy IT systems. Despite Mackay’s public reassurance that it follows a zero-trust architecture, the incident reveals an urgent need for enforced sector-wide cybersecurity standards. The Ministry of Health and Welfare also confirmed that similar breaches affected other hospitals such as Changhua Christian Hospital, further signaling sector-wide fragility in Taiwan’s healthcare cybersecurity posture.
Policy Recommendation: Taiwan’s Ministry of Health and Welfare should mandate quarterly cyber risk audits for all hospitals under its jurisdiction and require the integration of modern threat detection systems across both public and private healthcare institutions. Additionally, centralizing breach reporting through a national medical cyber incident response center and subsidizing cybersecurity modernization for legacy systems would provide a unified and proactive shield against future health-sector intrusions.
Read more about The Dark Web Threat Landscape Facing Taiwan.
Audrey Tang on Taiwan's Tech Diplomacy and Democratic Resilience
In a recent interview hosted by the University of Cambridge's Centre for Geopolitics, Audrey Tang emphasized Taiwan’s role in global tech diplomacy and the ethical development of digital infrastructure. Tang underscored Taiwan's leadership in open governance and cybersecurity transparency, noting how the island’s commitment to democratic digital norms offers a model in countering authoritarian tech influence. The conversation placed particular focus on Taiwan’s proactive engagement with international partners to defend both information integrity and technical interoperability.
Policy Recommendation: Taiwan should institutionalize a Digital Democracy Partnership Initiative under its Ministry of Digital Affairs to formalize cooperative cybersecurity frameworks with like-minded democracies. This should include reciprocal fellowships, open source tool sharing, and cross-border training focused on secure civic tech and transparent algorithmic governance.
Taiwan’s Cybersecurity Industry Sees Major Growth
Taiwan’s cybersecurity industry now includes over 2,000 companies working under its national security framework, reflecting a sharp rise in awareness of cyber threats and the importance of supply chain resilience. In 2023, Taiwan’s cybersecurity market exceeded NT$70 billion and is expected to keep growing at an annual rate of 10.77% through 2028 as the government expands support for public-private cooperation source.
Policy Recommendation: Taiwan should formalize a national cybersecurity cluster accelerator, linking industry, academia, and government to develop next-generation solutions in areas like privacy-enhancing AI, secure embedded systems, and post-quantum encryption. A tiered tax credit system could further attract strategic investment while encouraging R&D localization.
Other News
PJobRAT Malware Targets Users in Taiwan via Fake Apps
Security researchers have identified a new campaign using PJobRAT malware to target Taiwanese users through trojanized Android job applications, a tactic that exploits local employment-seeking behavior to deliver spyware. This reflects an ongoing trend of tailoring social engineering attacks to Taiwan’s domestic context, highlighting the need for stricter mobile app store vetting and user education.
CrazyHunter Ransomware Expands to Listed Companies in Taiwan
The ransomware group CrazyHunter, which recently targeted Taiwanese hospitals (Mackay Memorial Hospital case), has expanded its attacks to include publicly listed Taiwanese companies, marking a clear escalation in its operational scope and impact. This shift suggests attackers are testing Taiwan’s broader corporate sector defenses, requiring urgent resilience-building across both public and private institutions.
New Botnet Used in Record-Breaking DDoS Attacks Linked to Taiwan IPs
The Eleven11 botnet has been linked to record-setting DDoS attacks, with 17.7% of its IP infrastructure traced back to Taiwan, second only to the United States. Taiwan’s disproportionate presence in this infrastructure raises concerns about local device security and the effectiveness of endpoint hardening practices.
Zyxel Receives Taiwan Excellence Award for Security and WiFi Solutions
Taiwan-based Zyxel was recognized with a Taiwan Excellence Award for its innovations in WiFi and network security, showcasing the island’s capacity for exporting trusted cybersecurity and connectivity technology. This recognition enhances Taiwan’s reputation as a regional leader in secure digital infrastructure.
CHT Security and Radware Formalize Cybersecurity Partnership
CHT Security has signed a new partnership with Radware to strengthen Taiwan’s cybersecurity ecosystem, combining local threat intelligence with international DDoS mitigation expertise. Such collaborations are critical for scaling defensive capabilities in the face of growing and increasingly globalized cyber threats.
Published Reports
Cisco Talos: Threat Actor Targeting Taiwan’s Critical Infrastructure
Cisco Talos identified UAT-5918, a suspected China-linked threat actor, as actively targeting Taiwan’s critical infrastructure through custom malware and strategic network exploitation. The actor’s sustained activity suggests a continued focus on disrupting Taiwan’s operational technology and national resilience.
Read the full report here, and a strategic overview in CyberSec Taiwan’s Report Insights.
University of Nottingham: UK–Taiwan Cybersecurity Cooperation
The University of Nottingham’s report highlights the growing scope for UK–Taiwan cooperation in cybersecurity policy, workforce development, and regulatory alignment. Taiwan’s strategic cyber capacity-building could benefit from structured bilateral partnerships with liberal democracies.
Read the full report here, and a strategic overview in CyberSec Taiwan’s Report Insights.
Taiwan Ministry of National Defense: 2025 Quadrennial Defense Review
Taiwan’s 2025 QDR incorporates cyber resilience as a key priority in deterring gray zone threats and safeguarding defense networks. It calls for tighter defense-civilian collaboration and real-time threat sharing mechanisms to secure critical command-and-control systems.
Read the full report here, and a strategic overview in CyberSec Taiwan’s Report Insights.
Global Taiwan Institute: Chinese Communist Party Covert Operations Against Taiwan
The Global Taiwan Institute outlines how China’s covert operations against Taiwan increasingly blur traditional boundaries between espionage, political influence, and cyber operations, with emphasis on Beijing's use of "unofficial" intermediaries and non-kinetic tactics to undermine democratic institutions and digital sovereignty. The report highlights that Taiwan's complex media and civil society environment is being tactically exploited to facilitate information laundering and pro-CCP narratives.
Read the full report here.
Global Taiwan Institute: The Chinese Communist Party’s Gray Zone Tactics Against Taiwan
This companion report explores how China's gray zone campaigns against Taiwan incorporate cyber-enabled disinformation, economic coercion, and digitally-enabled psychological warfare to destabilize trust in democratic governance and societal cohesion. It emphasizes the role of cyber operations as a persistent and scalable tool for asymmetric pressure without triggering open conflict.
Read the full report here.
CrowdStrike: 2025 Global Threat Report
CrowdStrike’s 2025 report notes increased China-nexus intrusions against Taiwanese industrial targets, particularly in aerospace and defense sectors, leveraging malware variants tied to PLA-affiliated groups. Taiwan remains one of the most frequently targeted countries in Asia for state-backed espionage.
Read the full report here.
Administration for Cyber Security, MODA: February 2025 Monthly Report
MODA’s latest monthly report notes a continued rise in phishing, ransomware, and disinformation campaigns affecting both government and private systems, including persistent targeting of supply chain vendors. It also stresses the need to modernize security auditing across essential services and cloud environments.
Read the full report here.
CyberSec Taiwan
About CyberSec Taiwan
Your source for the latest news and analysis on Taiwan-centric cybersecurity.