The alarming surge in cyberattacks on Taiwan, driven by escalating geopolitical tensions with China, has highlighted the pressing need for robust cybersecurity measures in 2024. According to Taiwan’s National Security Bureau (NSB), daily cyberattack attempts originating from China skyrocketed to 2.4 million in 2024, a dramatic increase from the 1.2 million daily average reported in 2023. The vast majority of these attacks targeted government agencies, telecommunications firms, and transportation sectors, emphasizing a concentrated effort to destabilize Taiwan’s critical infrastructure.

Phishing Emails and Zero-Day Exploits Dominate Cyberattacks

Chinese cyber-operations groups employed sophisticated techniques, such as phishing emails and zero-day exploits, to infiltrate Taiwanese organizations. The NSB’s annual analysis revealed a sixfold increase in security incidents targeting Taiwan’s telecommunications sector. Government systems faced the brunt of these attacks, accounting for more than 80% of successful breaches.

In total, Taiwanese organizations suffered at least 906 successful cyberattacks in 2024—a 20% increase compared to 2023. This surge underscores the scale of China’s cyber offensive and its focus on critical infrastructure and key private enterprises.

Critical Infrastructure Under Siege

The telecommunications industry, in particular, has become a focal point of China’s cyber operations. Michael Freeman, head of threat intelligence at Armis, noted that Chinese hackers have targeted telecommunications providers globally, including at least nine firms in the U.S. “If you can control the flow of information, you control a lot of factors,” Freeman stated. The ability to access sensitive communications can be leveraged for espionage, blackmail, and other forms of cyber exploitation.

Taiwan’s transportation sector also came under significant pressure, with cyber ambushes aimed at disrupting critical services. Such attacks can have far-reaching implications, jeopardizing national security and economic stability.

Geopolitical Stress Fuels Cyberattacks

Cyberattacks tend to escalate during periods of heightened diplomatic tensions. In 2024, the Asia-Pacific region experienced increased threat activity, fueled by China’s aggressive cyber operations and broader geopolitical stress. The Chinese government’s policy requiring researchers to disclose vulnerabilities to state authorities has likely bolstered its arsenal of exploitable flaws.

Jon Clay, vice president of threat intelligence at Trend Micro, emphasized that the objective of China’s cyber aggression is to secure political, military, and economic advantages. “It’s all about acquiring sensitive information for strategic gain,” he remarked. With geopolitical conflicts intensifying, businesses operating in the region must prioritize enhanced cybersecurity measures to mitigate risks.

The Global Reach of China’s Cyber Operations

China’s cyberattacks are not limited to Taiwan. Over the past year, government-backed groups have compromised telecommunications networks in the U.S., stolen sensitive information from Southeast Asia and Africa, and targeted Indian individuals with SMS phishing schemes. These activities demonstrate a diversification of tactics, with Chinese hackers venturing beyond traditional cyber espionage.

One concerning trend is the alleged compromise of the federal wiretapping system in the U.S., potentially granting Chinese authorities access to sensitive espionage-related information. In Taiwan, the NSB reported an increase in espionage-related prosecutions, with 64 individuals charged in 2024 compared to 48 in 2023.

Countermeasures: The Need for Proactive Defense

Despite the growing threat, countermeasures to curb China’s cyber aggression remain limited. Freeman suggested that organizations adopt deceptive cybersecurity techniques, such as seeding networks with decoy assets to detect and slow down attackers. “Once adversaries know you’re using deception, they proceed more cautiously, unsure of the scale and nature of your defenses,” Freeman explained. Such strategies can effectively raise the cost and complexity of attacks, deterring cybercriminals and state-sponsored groups.

A Call to Action for Businesses

Organizations in Taiwan and across the Asia-Pacific must bolster their cybersecurity posture to address the evolving threat landscape. Measures such as implementing advanced endpoint protection, strengthening malware defenses, and deploying proactive monitoring solutions are essential. Jon Clay warned that without significant action, the frequency and sophistication of attacks are unlikely to diminish in 2025.

Businesses should also consider fostering collaboration with international cybersecurity firms and government agencies to share intelligence and improve defense mechanisms. Freeman emphasized the importance of vigilance: “Companies must think about how to defend themselves against nation-state attacks better in 2025 than they have in the past.”

To Wrap Up

The escalating cyberattacks on Taiwan underscore a critical need for strengthened cybersecurity measures amid rising geopolitical tensions with China. With over 2.4 million daily attack attempts and a sharp rise in successful breaches, Taiwan’s government and private sectors face an urgent challenge to protect critical infrastructure and sensitive information. By adopting innovative defensive strategies and fostering global collaboration, organizations can mitigate the impact of these relentless cyber threats and build a more resilient digital ecosystem.

References

1. Taiwan National Security Bureau (NSB) Annual Report, 2024
2. Jon Clay, Vice President of Threat Intelligence, Trend Micro
3. Michael Freeman, Head of Threat Intelligence, Armis

For more information, visit:

• Trend Micro Threat Reports
• Armis Cybersecurity Insights