Share this article on:
Cyber attacks in Taiwan have spiked significantly as tensions between the nation and China begin to heat up, according to a new report.
The Trellix Advanced Research Centre has said that the cyber attacks have targeted a number of industries in the region, with the hope of stealing data and launching malware.
“From malicious emails and URLs to malware, the strain between China’s claim of Taiwan as part of its territory and Taiwan’s maintained independence has evolved into a worrying surge in attacks,” the report said.
During the period from 7 April to 10 April, Trellix found that the number of cyber attacks quadrupled, with the manufacturing, logistics and networking sectors being the most heavily targeted.
The attacks generally consisted of malicious emails and URLs, aimed at Taiwanese organisations, as well as launching malware.
Trellix identified four different types of malicious email, simulating various scenarios where urgent payment was required, such as overdue legal fees, fake shipment notifications from notable brands such as DHL, quotation requests, and purchase notifications.
In addition, from 10 April and 12 April, Trellix detected a 15-times increase in a remote-access Trojan called PlugX, which is commonly used by Chinese hackers as a Windows backdoor to gain access and control of machines.
A spyware called Zmutzy and a family of Trojans under the Kryptik banner were also detected.
“Furthermore, during the last week of January 2023, our researchers observed a significant rise in extortion emails aimed at Taiwan government officials, with a 30-fold increase in malicious email counts,” added Trellix.
“Though it’s unclear if this activity is from China-backed threat actors, it speaks to a continued increase in attacks specifically targeting Taiwan.”
The spike in attacks comes as political tensions between the two countries escalate, with China steadily increasing its military presence while provoking Taiwan and its neighbours with displays of military power.
In addition, China is considered one of the top nations for threat activity.
Trellix said that political tensions and conflict between nations are a honeypot for cyber attacks and that organisations that operate in areas where geopolitical conflict is increasing should prepare their networks.
“In the past few years, we noticed that geopolitical conflicts are one of the main drivers for cyber attacks on a variety of industries and institutions,” said senior vice president of the Trellix Advanced Research Centre, Joseph Tal.
“Monitoring geopolitical events can help organisations to predict cyber attacks in countries they operate in.”