The advent of the internet and the rapid proliferation of information and telecommunication technologies (ICTs) have wrought significant changes on the daily lives of individuals. These advancements have facilitated seamless communication through platforms such as email and social media, enabled remote work and learning opportunities, and granted instant access to an extensive array of information and services, enhancing the ease and efficiency of daily activities for millions worldwide. Moreover, beyond their civilian applications, governments and militaries across numerous nations have embraced these technologies, leading to notable improvements in operational efficiency, effective communication, and security measures. For example, governments have increasingly turned to online platforms to facilitate crucial services—like tax filing, permit applications, and voter registration—thereby streamlining administrative procedures and enhancing accessibility for constituents. Similarly, militaries have integrated ICTs into their command-and-control systems, intelligence operations, and strategic communications, bolstering their capacity for rapid response and situational awareness in dynamic operational environments.
However, despite these manifold advantages, the widespread adoption of internet and ICTs has precipitated a plethora of risks and challenges. Foremost among these is the proliferation of cybersecurity threats, including hacking, data breaches, and cyberattacks. These activities pose grave risks to sensitive information, disrupt essential services, and erode public trust in digital infrastructure. Moreover, the dissemination of misinformation and fake news across digital platforms has exacerbated social polarization, thereby undermining democratic processes and societal cohesion. Consequently, cybersecurity has emerged as a critical facet of national security, prompting states to allocate substantial resources toward fortifying their cyber defenses and detecting intrusions into critical systems. Reflecting this urgency, many nations have formulated and disseminated National Cyber Security Strategies (NCSS) as pivotal documents delineating their overarching visions, guiding principles, threat perceptions, and strategic objectives in the cyber domain.
Over the past two decades, Taiwan, long known as a hub for information technology (IT), has confronted cyberattacks originating from various states—including the People’s Republic of China (PRC), North Korea, and Russia—underscoring the significance of cybersecurity in safeguarding Taiwan’s national security. In response to these threats, Taiwan has formulated and promulgated its own National Cyber Security Strategy (NCSS), with the aim of fortifying its cyber defenses amid the complex dynamics of cross-Strait relations. Developing such a strategy has become increasingly imperative for Taiwan, which faces rapidly escalating cyber threats from the PRC. As documented by a report from Check Point, an international cybersecurity firm, Taiwan’s digital infrastructure endured an average of 1,509 cyberattacks per week during the initial three quarters of 2023. Notably, a significant proportion of these attacks targeting government websites and services emanated from mainland China, and encompassed both large-scale assaults and smaller-scale attempts to disrupt or impair access to governmental online platforms.
Escalating Cyber Threats
The current age of cyber aggression by Chinese hackers against Taiwan can be traced back to the turn of the twenty-first century, when then-President Lee Teng-hui (李登輝) made the widely publicized assertion of Taiwan’s independent status vis-à-vis China. This seminal declaration resulted in rudimentary web defacement attacks, wherein Taiwanese governmental websites were infiltrated to display slogans advocating for a singular China and the display of a red flag, signaling China’s territorial unity. [1] Subsequently, China’s cyber offensive against Taiwan has steadily escalated, in terms of both frequency and severity of attacks.
Recently, findings from the American cybersecurity firm Trellix underscored a marked surge in cyber activity, with Chinese cyberattacks on Taiwanese entities more than doubling in frequency within the 24-hour period leading up to Taiwan’s 2024 national elections on January 13. The report revealed a pronounced escalation in malicious cyber incidents, soaring from 1,758 detections on January 11 to over 4,300 on January 12. Notably, the targets of these attacks primarily comprised governmental institutions, law enforcement agencies, and financial entities—with attackers primarily focusing on accessing internal communications, police records, banking statements, and insurance data.
An analysis of Chinese cyberattacks on Taiwan reveals multifaceted strategic objectives, including the acquisition of sensitive intelligence crucial for cross-Strait negotiations and the illicit procurement of Taiwanese trade and industrial secrets. Moreover, Chinese cyber intrusions aim to subvert democratic institutions by disseminating disinformation, disrupting governmental operations through targeted assaults on critical infrastructure, impeding service delivery, and undermining public trust in governmental efficacy, ultimately eroding confidence in democratic processes. Taiwan has also served as an experimental testing ground for China’s novel cyber tools, playing a critical role in the development and refinement of new and more intricate cyber capabilities. [2]
Taiwan on the Defensive
This concerning escalation of Chinese cyberattacks has galvanized both private and public sectors in Taiwan to prioritize cybersecurity management, catalyzing substantial investment in bolstering cyber defenses. Consequently, the information security market in Taiwan has seen robust growth, expanding at an annual rate of 14 percent per annum since 2011, representing a growth from USD $700 million to USD $1.44 billion in 2017, with projections indicating sustained growth through 2019 at an annual rate of 8.7 percent.
Additionally, in response to the escalating Chinese aggression in cyberspace, Taiwanese authorities have undertaken proactive measures since the aforementioned cyber conflict between China and Taiwan in 1999. Following that attack, Taiwan established the National Information and Communication Security Taskforce (NICST) under the purview of the Executive Yuan in 2001, marking the inception of the government’s concerted efforts to combat cyber threats. Charged with safeguarding the government’s networks and critical infrastructure, the NICST has spearheaded successive phases of major cybersecurity initiatives, each spanning four years.
The initial two phases, spanning the years from 2001 to 2004 and 2004 to 2008, were pivotal in laying the groundwork and fortifying the nation’s cyber protection infrastructure. During these phases, the NICST worked to classify government agencies based on the type and intensity of cybersecurity threats they faced, formulating tailored strategies for each. Subsequent phases, spanning from 2009 to 2012 and 2013 to 2016, sought to augment existing preparations by fostering collaboration with the private sector, heightening public awareness, and enhancing regulatory compliance among local businesses. [3] Educational institutions at various levels also embarked on initiatives to cultivate cybersecurity literacy through specialized programs and coursework. The fourth phase also saw the refinement of government policies and regulations, alongside the facilitation of the cybersecurity industry’s development and initiatives aimed at nurturing talent acquisition programs. [4]
Graphic: The five phases of Taiwan’s National Cyber Security Program (Source: NCSP 2021-24)
Cybersecurity under President Tsai
During the period spanning from 2017 to 2020 (the fifth phase of cyber development, as laid out in the NCSP), coinciding with the first term of President Tsai Ing-wen (蔡英文), Taiwan underwent another shift in its cybersecurity policy—with the government explicitly linking cybersecurity and national security. President Tsai’s administration has consistently underscored the criticality of cybersecurity to Taiwan’s national security, as evidenced by her remarks during official engagements. For instance, on September 18 of last year, President Tsai welcomed a cybersecurity business development mission from the United States. During her speech to the delegation, she emphasized both Taiwan’s commitment to cybersecurity and its willingness to share Taiwan’s experiences with fellow democracies.
This heightened emphasis on cybersecurity within the national security framework has been accompanied by a series of proactive measures initiated by the Tsai Administration to address cybersecurity challenges comprehensively. These initiatives included the establishment of a variety of cybersecurity-oriented government agencies, including the National Information and Communication Security Office (NICSO) under the National Security Council (NSC, 國家安全會議); the Department of Cyber Security within the Executive Yuan; and the Information, Communication, and Electronic Force Command under the Ministry of National Defense (MND, 中華民國國防部). Legislative efforts, such as the 2018 Information and Communication Management Act and the subsequent amendment bill of the National Security Act in June 2019, have further institutionalized cybersecurity within Taiwan’s national security framework, delineating cyberspace as an integral component of the nation’s defensible territory.
Moreover, in 2022 Taiwan established the Ministry of Digital Affairs (MODA, 數位發展部), aimed at promoting digital policy innovation and reform across multiple domains, including telecommunications, information, cybersecurity, and internet governance. This comprehensive approach to cybersecurity culminated in the creation of the National Institute of Cyber Security (NICS) under the MODA, tasked with conducting research, making policy recommendations, and providing assistance during cybersecurity threats to both public and private sectors. President Tsai’s personal endorsement of the NICS during its inauguration underscored her administration’s recognition of the centrality of cybersecurity in safeguarding Taiwan’s national interests, encapsulating her conviction that “cybersecurity is national security” and affirming the institute’s pivotal role in advancing Taiwan’s cybersecurity resilience.
Image: President Tsai at the opening of the National Institute of Cyber Security 2023 (Source: MODA Website)
In contrast to preceding governmental administrations, President Tsai’s administration has exhibited a heightened determination to attain cyber autonomy and bolster Taiwan’s cybersecurity capacities—transcending the traditional emphasis on defensive measures by focusing on offensive capabilities as well. This strategic orientation reflects a nuanced understanding of the complex dynamics of cyberspace, wherein reliance solely on defensive mechanisms is frequently inadequate. Within the expansive, anonymous, and highly interconnected realm of cyberspace, threats have grown rapidly in both complexity and variability, posing formidable challenges to effective defense. These characteristics, coupled with the myriad attack vectors available to malicious actors, exacerbate the exigency of fortifying cybersecurity measures. In recognition of these imperatives, the Tsai Administration has established the Information Communication Electronic Force Command (ICEF) as a key entity overseeing Taiwan’s offensive cyber operations.
Enduring Challenges
Despite the concerted efforts undertaken by the Tsai Administration, assessments from the Cybersecurity Program of Taiwan (2021 to 2024) have underscored the incompleteness of Taiwan’s overarching national cybersecurity apparatus. The country’s domestic cybersecurity industry remains relatively diminutive in scale, beset by inadequate output value. Hence, it has become imperative to pursue supplementary measures aimed at fortifying Taiwan’s cyber resilience and security posture. With President-Elect Lai Ching-te (賴清德) entering office in May, it will be imperative for his administration to maintain Tsai’s emphasis on cybersecurity as a cornerstone of national security policy.
In fortifying Taiwan’s cyber resilience and advancing its cybersecurity capabilities across diverse domains, the Lai Administration stands to benefit from an intensified focus on several strategic areas. Foremost among these priorities is the imperative of fostering collaboration with international stakeholders. The United States has long stood as a key partner for Taiwan in the realm of cybersecurity. Noteworthy instances of this collaboration include a joint cyber-war exercise titled CODE (The Cyber Offensive and Defensive Exercises) drills, whose inaugural meeting was held in 2019. Furthermore, initiatives such as the Talent Circulation Alliance (TCA), established by Taiwanese authorities in 2019 in conjunction with the American Institute in Taiwan (AIT), have served to facilitate talent exchange and acquisition.
In a similar vein, the two nations convened a cybersecurity forum in 2020, which provided a platform for the exchange of insights and strategies drawn from the private sector. Building upon these foundations, the forthcoming Lai Administration should not only sustain collaboration with the United States, but also expand such endeavors into a comprehensive cyber collective defense framework, ideally in conjunction with likeminded nations such as Japan, which similarly confront cyber threats emanating from China.
Moreover, Taiwan’s cyber capabilities can be substantially augmented through the cultivation of robust public-private partnerships. The burgeoning landscape of Taiwan’s cybersecurity industry, propelled by initiatives spearheaded during the Tsai Administration, helped to underscore the potential of such collaborations. As it enters office, the Lai government would be well-advised to champion and incentivize public-private partnerships aimed at fortifying the nation’s cybersecurity posture.
Another critical objective for the incoming administration should be to pursue initiatives aimed at augmenting public awareness of cybersecurity. Governments assume a pivotal role in this endeavor by implementing various measures and programs geared toward educating citizens about cybersecurity and associated threats. These efforts include the launch of national cybersecurity awareness campaigns, which shed light on cyber threats, disseminate best practices for securing digital devices and personal information, and provide guidance on identifying and reporting suspicious online activities. Notably, the Taiwanese government, through the Ministry of Education (MOE, 教育部), has already taken strides in this direction by establishing a publicly accessible cybersecurity education website. Furthermore, educational institutions at all levels can avail themselves of cybersecurity education materials and updates via the campus information security service website.
In light of the imperative to fortify Taiwan’s cybersecurity landscape, the forthcoming administration should work to uphold and extend President Tsai’s strategic approach, emphasizing the intrinsic linkage between cybersecurity and national security. This will necessitate a steadfast commitment to fostering robust international collaboration with allied nations and industry stakeholders, both domestically and abroad. Failure to adhere to these guiding principles risks exposing Taiwan to significant security vulnerabilities, particularly against the backdrop of escalating tensions in cross-Strait relations. Thus, steadfast adherence to these policies will be paramount in safeguarding Taiwan’s security interests and ensuring its resilience in the face of evolving cyber threats.
The main point: Over the past several decades, Chinese cyber-attacks against Taiwan have steadily escalated in frequency, complexity, and intensity. While the Tsai Administration took critical steps toward countering these operations, the incoming Lai Administration will nevertheless need to be decisive and proactive in building on her approach.
[1] Andrzej Kozłowski, ‘The ‘Cyber Weapons Gap’: The Assessment of the China’s Cyber Warfare Capabilities and Its Consequences for Potential Conflict over Taiwan, On Their Own Paths: Japan and China Responses to the Global and Regional Challenges, 2015, 161–73.
[2] Kaushal Kishore Chandel, “China as a Factor in Taiwan’s National Cyber Security Strategy,” Institute of Chinese Studies, 1.94 (2021).
[3] Charles K S Wu, Hsuan-yu Shane Lin, and Yao-yuan Yeh, “Cybersecurity in Taiwan: Challenges and Responses,” Societal Resilience and Political Legitimacy, 2022, 68–76.
[4] Wu, Lin, and Yeh.
