It was reported that Taiwan is fortifying its defences against cyberattacks as it prepares for joint drills with the United States and more than a dozen other countries in November in an operation named Cyber Offensive and Defensive Exercises. Taiwan apparently experienced an average of 30 million attacks each month with 60% of it apparently from hackers in mainland China, mostly targeting government agencies in Taiwan. Majority of the attacks apparently were APTs.
During the exercise, Taiwan would be the target with ethical hackers from the dozen or more countries in the operations attempting to hack Taiwan's government websites, testing the capability of local cybersecurity teams to protect them. Divided into 2 parts, the first part would be testing the response of government staff and officials to phishing emails or text messages, the most common form of cyberattack. The second would test responses in the public and private sectors to cyberattacks from abroad and within Taiwan.
Apparently, the cybersecurity department within Taiwan’s National Security Bureau would be working with the private sector to tackle a simulated mass attacks on various sectors in the country.
Our question - the US govt and the rest of the western countries has consistently singled out the conduct of China, Russia, North Korea and Iran in attacking assets in the western countries. Apparently some of these attacks succeeded and some failed. If the % of these attacks did actually succeed, it speaks volume of the prowess, technicality and skills of these state sponsored hackers from these countries. It also speaks volume of the capability and ability of those in the US and western world to defend their assets. If the US and the western world were efficient, the alleged attacks from those few nations would not have succeeded in the first instance. The US and their western allies would have stopped all these attacks before any of the alleged hackers even get to send it out.
In normal language, if the same house is continuously burgled with the burglars succeeding most of the time in making off with items - regardless of its value - in the house, would you still consult with the owner of the house in designing the security system in your own house?
Testing the response of individuals - a human being - which is the core of the exercise would be a monumental task. In a simulated environment, the response could be very much expected. But in cyber space, an attack can happen anytime anywhere. It could be a phishing email designed to look like a normal email from a supervisor to a low level staff that requires just a simple response of yes or no to the email. Except this email contains malicious codes. A low level staff who is used to taking instructions and who dared not question instructions from his / her superiors will have no hesitation in opening the email and its attachment.
Then wham..all hell will break loose.
Comments