In response to the recent series of reported hacking incidents, the Republic of China’s Ministry of Digital Development stated today that they have obtained relevant intelligence and will continue to strengthen cybersecurity cooperation to maintain overall communication security.
The Ministry of Digital Development’s cybersecurity office released a press release today stating that they have obtained relevant intelligence on the recent international hacker organization’s cyber disruptions in early January. They have worked in conjunction with relevant units to respond promptly and have alerted private entities under attack through the Taiwan Computer Emergency Response Team/Coordination Center (TWCERT/CC) to activate appropriate defense and recovery mechanisms, facilitating mutual exchange of various cross-domain threat information through public-private collaboration.
The cybersecurity office of the Ministry of Digital Development mentioned that the targets of this wave of attacks include local governments, regional civil aviation stations, port authorities, private enterprises, and more. These organizations promptly initiated defense and recovery mechanisms to resolve website issues, allowing most to recover within a short period.
The cybersecurity office also cautioned that DDoS attacks primarily involve sending a large number of connection requests to deplete system service capacity and disrupt services. Effective defense and response involve proactive preparations such as planning for traffic scrubbing, website Content Delivery Network (CDN), and relevant defense mechanisms like Intrusion Prevention Systems (IPS), firewalls, Security Operations Centers (SOC), etc. In case of an attack, enhancing cybersecurity monitoring, analyzing abnormal connection IPs, promptly blocking abnormal traffic, and implementing countermeasures like traffic scrubbing services or displaying static web pages according to DDoS attack patterns are recommended.
Furthermore, the cybersecurity office suggested that in the long term, organizations should regularly assess their response capabilities, enhance abnormal traffic monitoring, conduct drills, and strengthen defense strategies through cooperation. They also mentioned that through TWCERT/CC, they will continue to share network threat intelligence with other countries and notify organizations promptly to enhance mutual defense strategies and maintain overall communication security.