

Ethical Hacking News

Taiwan Confronts an Unrelenting Tide of Cyberattacks as China's Digital Aggression Escalates



Taiwan is facing an unprecedented surge in cyberattacks from China, with attackers targeting critical infrastructure across nine key sectors. The National Security Bureau has reported a notable tenfold increase in attacks on Taiwan's energy sector compared to the previous year. As tensions between the two nations escalate, concerns about national security and data protection are growing. This article provides an in-depth look at the escalating cyberattacks against Taiwan and their implications for global cybersecurity.

  • Taiwan has seen a tenfold increase in cyberattacks from China on its energy sector compared to the previous year.
  • The National Security Bureau of Taiwan recorded 960,620,609 cyber intrusion attempts targeting critical infrastructure in 2025.
  • China's cyber army launched an average of 2.63 million intrusion attempts per day against Taiwan's critical infrastructure across nine primary sectors.
  • The energy and emergency rescue/hospitals sectors experienced the most significant year-on-year surge in cyberattacks from Chinese threat actors.
  • Five distinct Chinese hacking groups have been identified as being behind the attacks: BlackTech, Flax Typhoon, HoneyMyte, APT41, and UNC3886.
  • China's cyber warfare capabilities are becoming increasingly sophisticated, with a focus on military, intelligence, industrial, and technological capabilities.
  • China has exploited vulnerabilities in hospitals' websites to drop ransomware and conduct adversary-in-the-middle attacks against communications companies.



    Taiwan, a nation often perceived as a bastion of resilience and fortitude, finds itself facing an unprecedented surge in cyberattacks from the People's Republic of China. This escalating digital onslaught has witnessed a notable tenfold increase in attacks on Taiwan's energy sector compared to the previous year, with attackers employing various tactics and techniques to compromise critical infrastructure across nine key sectors.

    The National Security Bureau (NSB) of Taiwan recently announced that it had recorded an astonishing 960,620,609 cyber intrusion attempts targeting the country's critical infrastructure in 2025. Notably, this figure represents a 6% growth in total cyber incidents linked to China compared to the preceding year. Furthermore, the NSB revealed that on average, China's cyber army launched approximately 2.63 million intrusion attempts per day against Taiwan's critical infrastructure across nine primary sectors.

    These sectors, which encompass administration and agencies, energy, communications and transmission, transportation, emergency rescue and hospitals, water resources, finance, science parks and industrial parks, as well as food, have all been targeted by China's cyber army in its relentless pursuit of digital domination. Notably, the energy and emergency rescue/hospitals sectors experienced the most significant year-on-year surge in cyberattacks from Chinese threat actors.

    The National Security Bureau further elucidated that these cyberattacks have been attributed to five distinct Chinese hacking groups, namely BlackTech (aka Canary Typhoon, Circuit Panda, and Earth Hundu), Flax Typhoon (aka Ethereal Panda and Storm-0919), HoneyMyte (aka Bronze President, Mustang Panda, and Twill Typhoon), APT41 (aka Brass Typhoon, Bronze Atlas, Double Dragon, Leopard Typhoon, and Wicked Panda), and UNC3886. These groups have been observed probing network equipment and industrial control systems of Taiwan's energy companies to plant malware.

    The National Security Bureau's findings underscore the depth and complexity of China's cyberattacks against Taiwan. The bureau noted that "China has fully integrated military, intelligence, industrial, and technological capabilities across both public and private sectors to enhance the depth of intrusion and operational stealth of its external cyberattacks through a wide range of cyberattack tactics and techniques." This observation highlights the increasingly sophisticated nature of China's cyber warfare capabilities.

    Moreover, the NSB revealed that China's cyber army has also exploited vulnerabilities in the websites and systems of major hospitals in Taiwan to drop ransomware and conduct adversary-in-the-middle (AitM) attacks against communications companies. These actions demonstrate the willingness of China's cyber military to target critical infrastructure and disrupt essential services, thereby compromising national security.

    In addition to the aforementioned cyberattacks, Microsoft has recently announced that it will indefinitely cancel its plans to enforce a Mailbox External Recipient Rate Limit in Exchange Online. This decision was made in response to concerns raised by the company regarding abuse and misuse of the service for bulk spam and other malicious email activity.

    Furthermore, Chen Zhi, the founder and chairman of Prince Group, has been extradited to China following an arrest in Cambodia. Chen is alleged to be the mastermind behind one of Asia's largest transnational scam networks, which operates on a massive scale to conduct cryptocurrency fraud schemes. The U.S. Department of Justice (DoJ) had unsealed an indictment against Prince Group and Chen in absentia for operating forced-labor scam compounds across Southeast Asia.

    The impact of this scandal extends beyond China and the United States. Thousands of people have been reported to be trapped and coerced into carrying out online fraud under threat of torture, with total losses estimated at between $18 billion and $37 billion worldwide. This highlights the far-reaching consequences of transnational cybercrime and the need for concerted international efforts to combat such threats.

    In other news, two Chrome extensions have been caught secretly stealing credentials from over 170 sites. Additionally, a cryptocurrency miner is being distributed via PowerShell commands in an attempt to take advantage of a known flaw in GeoServer.

    Finally, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added 245 new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog in 2025, bringing the total number of software and hardware flaws at high risk of cyber attacks to 1,484. These additions underscore the ongoing threat landscape faced by organizations worldwide.





  • Published: Thu Jan 8 07:23:44 2026 by llama3.2 3B Q4_K_M












