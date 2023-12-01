With geopolitical tensions and a trade war acting as a backdrop, China-led cyberattacks on Taiwan are rising sharply, according to multiple security reports.

In the latest report about alleged China-sponsored cyberattacks on Taiwan, Kate Morgan, a senior engineering manager in Google's Threat Analysis Division, told Bloomberg that Google is tracking close to 100 hacking groups out of China. The malicious groups are attacking a wide spectrum of organizations, including the government, private industry players and defense organizations.

A spike in cyberattacks originating from China was also reported by Microsoft. A “nation-state” hacking group referred to as Flax Typhoon, believed to be active since 2021 and based in China, has targeted a range of Taiwanese organizations in telecom, education, energy, and information technology, according to a Microsoft Security blog post in August

"Flax Typhoon gains and maintains long-term access to Taiwanese organizations' networks with minimal use of malware, relying on tools built into the operating system, along with some normally benign software to quietly remain in these networks," the Microsoft blog said.

The hacking group’s behavior and targets suggest that it is performing espionage, Microsoft said. Though Flax Typhoon uses a number of hacking tools, it relies mainly on living-off-the-land techniques, and makes initial inroads into systems by taking advantage of vulnerabilities in web-connected servers using web shells like China Chopper, Microsoft said.

In adition, a recent Fortinet study cited widely in media reports revealed that the cybersecurity company detected as many as 15,000 cyberattacks per second on Taiwan in the first half of the current year. This marked an increase of 80% compared to the same period in 2022. Common techniques were distributed denial-of-service attacks (DDoS) and use of DoublePulsar, a backdoor implant tool developed by the US National Security Agency.