Cyberattacks on Taiwan’s government doubled in 2024, with an average of 2.4 million attacks per day, according to a report from Taiwan’s National Security Bureau. The majority of these cyberattacks were attributed to Chinese cyber forces, marking a significant increase from the previous year, which saw 1.2 million daily attacks.
These attacks are part of what Taiwan sees as China’s ongoing “grey-zone harassment” campaign, which includes daily military drills, surveillance balloons, and escalating cyberattacks. These actions coincide with China’s growing political and military pressure on Taiwan to accept its sovereignty claim. The Government Service Network (GSN), a key Taiwanese infrastructure, was one of the primary targets of these cyberattacks, with sectors like telecommunications, transportation, and defense being particularly targeted.
Despite many of the attacks being effectively blocked, the report highlights the increasingly severe nature of China’s cyber activities. Some of the attacks were timed to coincide with Chinese military drills around Taiwan, including distributed denial-of-service (DDoS) attacks aimed at disrupting access to Taiwan’s transportation and financial institutions. The purpose of these attacks was seen as part of a broader strategy to intimidate Taiwan through military and cyber harassment.
The report also detailed efforts by China’s cyber forces to exploit advanced persistent threats and backdoor software to infiltrate Taiwan’s critical infrastructure, including highways and ports. These tactics aim to disrupt government operations and gain strategic advantages in various sectors, including politics, military, technology, and the economy.
China has repeatedly denied involvement in cyberattacks but has been frequently accused by foreign governments, including the U.S., of cyber espionage. Taiwan’s report pointed out that China’s cyberattacks included efforts to steal sensitive information from Taiwanese civil servants’ emails and involved social engineering tactics.
