News Roundup: October 16-31, 2024
Bite-sized news and updates on the latest in Taiwan cybersecurity
Massive Data Leak Exposes Taiwan Hotel Guest Information in Cloud Misconfiguration
October 16, 2024
Taiwan's hotel booking industry has faced a significant data privacy breach, with over 765,000 guest records exposed due to a misconfigured AWS S3 bucket by Taiwanese blockchain firm OwlTing. Discovered by Cybernews, the exposed data included names, phone numbers, booking details, and other sensitive information, primarily affecting Taiwanese customers. This incident underscores the critical importance of secure cloud storage practices, especially as the leak could lead to identity theft, phishing, and various social engineering attacks. OwlTing has since closed access to the data, but this breach highlights ongoing challenges in safeguarding personal data within Taiwan’s growing hospitality and technology sectors.
Taiwan Faces Surge in DDoS Attacks Amid Decline in Cyber Intelligence Extraction
October 19, 2024
Taiwan saw an unprecedented increase in Distributed Denial of Service (DDoS) attacks in September, with over 50 incidents impacting government agencies and private businesses, compared to less than five in previous months. The attacks targeted crucial infrastructure, including tax offices, regional airports, and telecom companies, briefly disrupting services before systems were largely restored. To counter these escalating threats, Taiwan's Administration for Cyber Security collaborated with agencies to implement defenses such as IP blocking, static web pages, and advanced traffic management tools like Content Delivery Networks (CDNs) and traffic scrubbing, in coordination with Cloudflare. Despite these attacks, the amount of cybersecurity intelligence extracted from government sources fell by nearly 12,000 incidents from August, totaling 78,515 in September. Still, overall cybersecurity incidents rose by 38% from the previous month, underlining Taiwan’s increasing vulnerability to complex cyber threats.
Taiwan Partners with Somaliland for Enhanced E-Government and Cybersecurity
October 20, 2024
On October 20, 2024, Taiwan and Somaliland celebrated the groundbreaking of the Somaliland National Data and Cyber Security Center—a major step forward in Somaliland’s digital transformation and a key component of its e-government infrastructure. Operating under international standards, this center is part of the ongoing IT partnership launched in May, with a focus on establishing secure, centralized data management for government operations. Building on the initial success of this collaboration, which created the Somaliland Innovation Zone and the S-Road data exchange system, Phase II aims to bolster Somaliland’s cybersecurity resilience and IT capabilities through initiatives like capacity-building programs, scholarship opportunities, and inter-agency IT support. Taiwan’s extensive knowledge in semiconductor manufacturing, AI, and cybersecurity places it in a pivotal role to assist Somaliland in strengthening its digital infrastructure, fostering a skilled IT workforce, and achieving sustainable digital growth.
NHK Documentary Reveals Chinese Cognitive Warfare Tactics Against Taiwan
October 22, 2024
A recent NHK documentary sheds light on China’s strategic use of cyberattacks and disinformation campaigns to destabilize Taiwan. Taiwanese cybersecurity experts from TeamT5 uncovered 577 leaked documents linking the Chinese Communist Party to “cognitive warfare” efforts, including phishing tools for gaining unauthorized access to e-mail accounts and techniques for remote control of devices. The leaked documents, originating from the Shanghai-based firm iSoon, reveal close collaboration with Chinese security agencies, supplying them with tools and information critical to mounting cyber-espionage operations. In one instance, misinformation spread on popular Taiwanese forum Dcard fueled public outcry against a government policy, highlighting the efficacy of China’s disinformation tactics. These documents and activities, further verified by Doublethink Lab’s investigation, expose the far-reaching intent behind China’s influence campaigns, aimed at shaping public opinion and undermining Taiwan’s societal cohesion.
HITCON CISO Summit 2024: Strengthening Taiwan’s Cyber Defense with Asia-Pacific’s Top Security Leaders
October 24, 2024
The 2024 HITCON CISO Summit in Taipei marked a significant milestone for cybersecurity collaboration across the Asia-Pacific, gathering over 200 cybersecurity leaders from eight countries to discuss the pressing challenges facing Taiwan and the region. Organized by the Association of Hackers in Taiwan (HIT), this exclusive summit featured 15 intensive roundtable sessions and four keynote presentations, tackling topics from AI-driven security policies to securing critical infrastructure and addressing talent shortages. With high-profile attendees, including Taiwan's National Security Council Advisor and the American Institute in Taiwan Director, the event emphasized the role of CISOs in reinforcing cybersecurity resilience as Taiwan faces heightened digital threats.
The Summit spotlighted Taiwan’s strategic cybersecurity needs amid rising geopolitical tensions and ongoing cyber threats from nation-state actors. Discussions covered key areas such as supply chain security, semiconductor integrity, financial sector resilience, and strategies for tackling sophisticated attacks. As Taiwan strengthens its role as a tech hub, HITCON CISO Summit aims to build a lasting knowledge base and collaborative network, uniting public and private sectors in bolstering Taiwan’s digital defenses.
Zyxel Networks Sets New Security Benchmark in Taiwan
October 27, 2024
Zyxel Networks has become the first Taiwanese company to sign onto the U.S. Cybersecurity and Infrastructure Security Agency’s (CISA) “Secure by Design” initiative, marking a significant milestone in Taiwan's cybersecurity landscape. This proactive move underscores Zyxel's dedication to delivering robust, trustworthy security solutions, aligning with CISA's stringent security standards. By joining this initiative, Zyxel not only reinforces its commitment to safeguarding digital environments but also positions Taiwan as a proactive player in global cybersecurity efforts. As a recognized participant in CISA's vendor network, Zyxel is helping to set a new standard for security in Taiwan's tech industry, further solidifying its role as a leader in secure networking solutions.
Evasive Panda Unleashes Advanced Cyberespionage Toolset in Taiwan
October 29, 2024
In a recent wave of cyber espionage, Chinese-linked threat group Evasive Panda, also known as Bronze Highland, has targeted a government body and a religious organization in Taiwan using a new toolset called CloudScout. Uncovered by ESET researchers, CloudScout is designed to steal session cookies, enabling unauthorized access to cloud services such as Google Drive, Gmail, and Outlook. This .NET-based toolset works in conjunction with MgBot, Evasive Panda's proprietary malware framework, using a pass-the-cookie technique to hijack authenticated web sessions. Through complex web requests and HTML parsing, CloudScout extracts sensitive data—including emails, attachments, and files—and compresses it into ZIP archives for exfiltration. The emergence of CloudScout reflects Evasive Panda’s evolving tactics and reinforces Taiwan’s critical role as a target for cyber threats linked to China’s political and strategic objectives.
Strengthening Taiwan's Digital Security with Enhanced DDoS Protection
October 30, 2024
Chief Telecom, a leading telecommunications provider in Taiwan, has partnered with global network services provider RETN to bolster Taiwan’s defenses against rising cyber threats, particularly Distributed Denial of Service (DDoS) attacks. As Taiwan cements its position as a technology hub with one of Asia's highest internet penetration rates, ensuring robust network security is essential for its data-driven economy and high-tech industries. Leveraging RETN's advanced DDoS mitigation platform, the partnership equips Chief Telecom’s Taipei Internet Exchange (TPIX) and IP Transit services with automated threat detection and real-time mitigation powered by machine learning. This collaboration enhances Taiwan’s internet resilience, offering comprehensive security capabilities—such as volumetric attack protection and application layer defense—supported by RETN’s extensive Europe-Asia network and a 24/7 Security Operations Center (SOC), reinforcing Taiwan’s status as a digital gateway in the Asia-Pacific region.
CyberSec Taiwan
About CyberSec Taiwan
Your source for the latest news and analysis on Taiwan-centric cybersecurity.