By Lu Yi-hsuan and Kayleigh Madjar / Journalist, with editor-in-chief
Last year, government agencies reported 525 cybersecurity threats, nine of which were relatively serious, according to a report released by the Cyber Security Department of the Executive Yuan.
Threats to information security are classified into four severity levels, with level 1 indicating the least serious threat and level 4 indicating the most serious.
Last year, there were 451 level 1 attacks and 65 level 2 attacks against government agencies, according to ministry data.
Nine level 3 attacks were also recorded, but nothing deserved a level 4 rating.
The main types of threats were unauthorized access, web page attacks, equipment issues and denial of service attacks, the department said.
Unauthorized access was the most common type, accounting for 68.8% of all threats, he said, adding that the main causes were vulnerabilities in third-party products, failure of hosts to automatically install them. updates and remote connection management issues.
Other cases involved ransomware attacks, malware attacks on security systems, malware latent on agency internal networks and systems built by contractors becoming a springboard for infiltration, added. the Department.
Web page attacks, or improper permission control, file format restrictions, and third-party updates targeted by hackers, accounted for 6.7% of all reported threats, he said.
Threats were almost evenly distributed between central and local governments, with 49% of reports coming from federal agencies and 51% from local agencies, he added.
In its report, which was released at the end of last month, the department recommended how to counter five categories of threats: personal information leaks, denial of service attacks by ransomware, malware sown due to out-of-date firmware, persistent attacks designed to steal sensitive and external data. supply chain hacking.
For example, in one of the Level 3 threats, hackers extracted the login details of an equipment maintenance company for a government agency, according to the report.
They were then able to gain access to other equipment within the agency and use ransomware to encrypt the data, making normal operation impossible until hackers freed the system, he said.
Ransomware attacks have become commonplace, according to the report, adding that response measures depend on shortening recovery time.
Agencies should also make sure to patch vulnerabilities and update firmware, implement access controls on internal networks, create offsite backups, and conduct regular response exercises, a- he added.
In addition, government agencies should not use equipment or software created in China, according to the report.
Comments will be moderated. Keep comments relevant to the article. Comments containing abusive and obscene language, personal attacks of any kind or promotion will be removed and the user banned. The final decision will be at the discretion of the Taipei Times.