UNITED24 - Make a charitable donation in support of Ukraine!

Homeland Security

Report highlights threat of ransomware attacks on government agencies

ROC Central News Agency

07/13/2021 07:06 PM

Taipei, July 13 (CNA) An annual report by the Cabinet has found that the number of information security incidents involving Taiwan government agencies decreased last year, but warned that the widespread threat of ransomware attacks requires additional response measures to limit their duration and severity.

According to the report, issued by the Cabinet's National Information & Communication Security Taskforce on June 29, the number of information security incidents reported by government agencies fell to 525 last year, down from 674 in 2019 and 754 in 2018.

Under the report's four-tier classification system, 451 of the incidents were of the least severe Level 1, while 65 were of Level 2, nine were of Level 3, and none were of the most severe Level 4.

The vast majority of the incidents, comprising 68.76 percent of the total, involved the unauthorized accessing of digital networks, while 9.14 percent related to risks caused by equipment failures, 6.67 percent were attacks on webpages, 1.14 percent were denial of service (DoS) attacks, and 14.29 percent were classified as "other."

The targets of the attacks were split almost evenly between central and local government agencies, the report said.

Chien Hung-wei (簡宏偉), head of the national Department of Cyber Security, told CNA Tuesday that many of the more serious Level 3 attacks involved breaches of personal information, which he said the government would try to resolve through outreach and training.

More broadly, the report highlighted the threat posed to both the government and the private sector by ransomware attacks, often spread through emails, in which hackers encrypt internet networks and files, and then demand ransom in exchange for decryption.

As such attacks have now become "the norm" both in Taiwan and internationally, "the establishment of response measures aimed at reducing the duration of their impact" has become increasingly vital, the report said.

According to the report, the five main types of information security threats faced by government agencies included personal data breaches, service disruptions caused by denial of service attacks, and smart devices becoming infected with malware due to outdated software.

The other risks were advanced persistent threats, in which hackers gain access to a network and are able to surveil it undetected for an extended period, and hacking attacks on government contractors and suppliers, the report said.

(By Lai Yu-chen and Matthew Mazzetta)

Enditem/AW



NEWSLETTER
Join the GlobalSecurity.org mailing list