From 7-11s to train stations, cyber attacks plague Taiwan over Pelosi visit
2022.08.04 14:13
U.S. House of Representatives Speaker Nancy Pelosi speaks at a meeting with Taiwan President Tsai Ing-wen (not pictured) at the presidential office in Taipei, Taiwan August 3, 2022. Taiwan Presidential Office/Handout via REUTERS ATTENTION EDITORS – THIS
By Sarah Wu and Eduardo Baptista
TAIPEI/BEIJING (Reuters) – As U.S. House of Representatives Speaker Nancy Pelosi made a brief visit to Taiwan this week that enraged Beijing, the welcome she received from government officials and the public was in sharp contrast with a different sort of message that began popping up elsewhere on the island.
On Wednesday, in some branches of 7-11 convenience stores in Taiwan, the television screens behind cashiers suddenly switched to display the words: “Warmonger Pelosi, get out of Taiwan!”
The largest 24-hour convenience store chain on the island was the victim of what Taiwanese authorities are calling an unprecedented amount of cyber attacks on government websites belonging to the presidential office, foreign and defence ministries as well as infrastructure such as screens at railway stations, in protest against Pelosi’s visit.
Taipei has not directly blamed the attacks on the Chinese government, but has said that the attacks on government websites — which paralysed the sites’ operations — originated from addresses in China and Russia. It also said the firms whose displays were changed had used Chinese software that could have contained backdoors or Trojan horse malware.
Taiwan’s digital minister Audrey Tang said the volume of cyber attacks on Taiwan government units on Tuesday, before and during Pelosi’s arrival, surpassed 15,000 gigabits, 23 times higher than the previous daily record.
Lo Ping-cheng, Taiwan Cabinet spokesman, said on Wednesday that the government had stepped up security at key infrastructure including power plants and airports and increased the cyber security alertness level across government offices. On Thursday, he said no related damage had been detected so far.
“Government departments have been very careful. In these past few days, in terms of public security, we have set up a three-tier government security and communication mechanism, it is already tough and defensive enough so these adaptations have been beneficial,” he told a briefing.
THEATRE, RATHER THAN THREAT
Pelosi’s visit triggered furious responses from the Chinese public and Beijing, who said the trip to the self-ruled island it regards as its territory infringed its sovereignty. On Thursday, China fired missiles around Taiwan as part of a series of unprecedented military drills.
A cybersecurity research organisation said the attacks against Taiwanese government websites before Pelosi’s visit were likely launched by Chinese activist hackers rather than the Chinese government.
Hacker group APT 27, which has been accused by Western authorities of being a Chinese state-sponsored group, claimed responsibility for the cyber attacks on Taiwan on Wednesday, saying on YouTube that they were done to protest how Pelosi had defied China’s warnings with her visit. It also claimed it had shut down 60,000 internet-connected devices in Taiwan.
Asked about the cyber attacks in Taiwan on Thursday at a regular Chinese foreign ministry briefing, a spokesperson declined to comment. The Cyberspace Administration of China, which regulates the country’s internet, did not immediately respond to a request for comment.
Experts said that the cyber attacks, combined with China’s live firing exercises, provide Taiwan’s leaders with a preview of what an invasion from China would look like.
In recent years, several reports from think tanks in Taiwan and the United States have emphasised the high likelihood that, in the event of a military assault of Taiwan, China would first launch a debilitating cybersecurity attack on Taiwan’s key infrastructure, such as its power grid.
Still, Eryk Waligora, a cyber threat intelligence specialist at Accenture (NYSE:ACN), said the latest ones appeared to be “more theatre than threat” so far. He said past attacks, like a campaign between November last year to February that forced several financial institutions in Taiwan to suspend online transactions, were more sophisticated technically, and damaging.
“There have certainly been far worse cyber-attacks,” he said.