Minister Yennun Huang of the Ministry of Digital Affairs stated that in response to recent cyber intrusion incidents by international hacker groups, the MODA and the Administration for Cyber Security have promptly gathered intelligence and have collaboratively issued real-time notifications with relevant units, as well as activated the joint defense system response with national security units. So far, no systems have been damaged, and all agencies have been able to restore operations within a short time.

Recently, international hacker groups have targeted Taiwan and several countries with cyber intrusion attacks. Since September 10th, various public and private sector websites in Taiwan have faced DDoS attacks from overseas, leading to unstable external service system connections. These attacks primarily employ issuing many connection requests, exhausting the system’s service capacity, and preventing genuine users from accessing services at counters.

The Administration for Cyber Security has reported 45 DDoS attacks so far, with no systems damaged yet. The targets of these attacks include local tax authorities, regional civil aviation stations, the Directorate-General of Budget, Accounting and Statistics, financial regulatory agencies, and some telecommunications operators. Most agencies activated defense and recovery mechanisms in the first instance to eliminate web problems, and most institutions have been able to restore services within a short time.

The Administration for Cyber Security noted that according to the assessment report released on September 5th by the U.S. Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA), Russian military cyberattack operations have targeted critical infrastructure in major democratic countries including the U.S., Canada, and the European Union.

The Administration for Cyber Security reminds central and local agencies and all sectors to prepare static webpages and traffic cleaning mechanisms as contingency preparations. In attack incidents, they should ensure timely notifications and implement defense and recovery measures, such as blocking attack IP addresses to mitigate issues. Long-term defense strategies can include reviewing and taking down idle web pages, planning to introduce CDN (Content Delivery Network or Content Distribution Network) technology for traffic distribution, and implementing protection drills.

The Administration for Cyber Security will continue to monitor the overall situation and share cybersecurity intelligence through the Taiwan Computer Emergency Response Team / Coordination Center (TWCERT/CC) while maintaining mutual sharing of cyber threat intelligence with various countries, and promptly notify agencies of joint defense responses to maintain overall information and communication security.