Taiwan leader Tsai Ing-wen's office targeted in suspected cyberattack

Taiwanese President Tsai Ing-wen.
PHOTO: Reuters

Hackers have reportedly targeted the office of Taiwanese President Tsai Ing-wen, days before the inauguration for her second term in office, in an incident that highlights the security threat facing the island’s government amid growing tensions with mainland China.

Some local media outlets said they had received four emails from an account named “tsailoser” over the weekend containing 11 files that claimed to detail the infighting and power struggles between Tsai and her confidants.

While the presidential office said the content had been “doctored”, legislators and some security experts said the office needed to step up its cybersecurity.

Presidential spokesman Alex Huang confirmed on Monday that information security units were investigating the suspected cyberattack.

“We have already reported the case to the Criminal Investigation Bureau,” Huang said in Taipei.

Asked if the documents were intended to smear the government, Huang said that may have been the intent of whoever sent out the files, adding that the case will still under investigation.

ALSO READ: Taiwan rebuffs WHO, says China has no right to represent it

According to local news media, the attached files of the emails appear to include minutes from a meeting to discuss cabinet appointments, details of a potential power play between Tsai and Premier Su Tseng-chang and the strategy adopted by Tsai to defeat former premier William Lai during the Democratic Progressive Party’s presidential primaries last year.

Legislators from the independence-leaning DPP said on Monday they believed Beijing was behind the cyberattack, and claimed it was designed to disrupt the presidential inauguration on Wednesday.

“The closer the presidential inauguration is coming, the more cyberattacks will come from China,” DPP legislator Wang Ting-yu said, claiming the number of cyberattacks on government offices and public utilities had risen by half in the past month.

Tsai will be sworn in to her second term in office on Wednesday following her landslide victory in January over Han Kuo-yu from the mainland-friendly Kuomintang, who is said to have been Beijing’s favoured candidate.

The KMT’s Han Kuo-yu (centre) suffered a landslide defeat in January’s election.
PHOTO: Reuters

Beijing, which considers Taiwan a wayward province that must be returned to the mainland fold, by force if necessary, had hoped Tsai would be defeated because she has refused to accept the one-China principle.

It has suspended official exchanges with Taiwan, staged numerous war games close to the island and poached seven of Taiwan’s remaining allies to try to force Tsai to accept the principle.

Cross-strait relations have further soured in recent months in what Beijing sees as Tsai’s attempt to use the coronavirus outbreak to increase the island’s international profile.

DPP legislator Hsu Chih-chieh said the increase in cyberattacks posed a security risk to the island.

Read Also
Taiwan President: Invasion would be 'very costly' for China
Taiwan President: Invasion would be 'very costly' for China

“Cyberattacks are a kind of information war and President Tsai must demand that the information security department steps up efforts to prevent hackers from hacking into the government system and fabricating information to affect our national security,” he said.

Wang also questioned why security had failed to stop hackers targeting the presidential office, which had already been given the highest levels of protection.

Taiwan People’s Party legislator Ann Kao – an expert in information engineering and big data – said the presidential office needed to check whether anyone had logged into the email servers using an off-site internet protocol address.

She said hackers might have breached the presidential office’s mail server or someone on the inside either leaked the email contacts or provided user account information to hackers.

Tzeng Yi-suo, a cyber warfare and information security expert at the Institute for National Defence and Security Research, a government think tank, said the incident was a typical “influence operation” designed to make the public lose confidence in the government.

He said the hacking might have taken place some time ago as it would take time to alter the files before they could be sent to the media.

This article was first published in South China Morning Post.