The exercise scenario hit the food and agriculture sectors first, according to the U.S. Cybersecurity and Infrastructure Security Agency.
TAIPEI, Taiwan—Taiwan participated in a multinational cyber exercise held by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) for the first time earlier this year, according to the island’s Administration for Cyber Security.
The U.S.-led Cyber Storm XI, the ninth iteration of the exercise since it was first launched in 2006, was held for three days in April. According to a CISA
report published in September, the exercise involved more than 2,200 participants from federal departments and agencies, state governments, critical infrastructure, and 11 international participants.
The 11 participating countries included Australia, Canada, Finland, Japan, the Netherlands, New Zealand, Norway, Singapore, Sweden, Taiwan, and the United Kingdom, according to the CISA report.
“The exercise scenario centered on adversary exploitation of common misconfigurations of cloud environments to cause various impacts to data confidentiality, integrity, and availability,” CISA Director Jen Easterly
said in June. The food and agriculture sector was hit first, Easterly added, before many organizations in various sectors were also affected.
On Dec. 18, Taiwan’s Administration for Cyber Security announced that the CISA’s invitation led to Taiwan’s first-ever participation in this year’s Cyber Storm exercise,
according to a press release. Aside from the cyber administration, Taiwan’s National Institute of Cyber Security and the Ministry of National Defense’s Information, Communications, and Electronic Force Command also took part in the exercise.
After the exercise, the Taiwanese and U.S. participants shared information, with both parties describing it as a success and saying that lessons learned could be added to their domestic response mechanisms, according to the cyber administration.
Any cooperation with the United States on cybersecurity is key for Taiwan, considering the island is one of the main targets for China’s cyberattacks.
Israeli cybersecurity service provider Check Point said in a recent report that Taiwan’s organizations experienced an average of 4,129 cyberattacks per week during the third quarter of this year, more than any other economy in the Asia-Pacific region,
according to Taiwan’s government-run Central News Agency.
Hardware vendors, the government and military sector, and manufacturing were the three hardest-hit sectors during the period, the outlet said.
In June, cybersecurity intelligence company Recorded Future
said in a report that a suspected Chinese state-sponsored hacking group known as RedJulliett had stepped up its attacks against Taiwanese organizations between 2023 and April this year. Most of the organizations targeted were in the government, education, technology, and diplomacy sectors.
Recorded Future said that RedJulliett was mostly likely based in Fuzhou, a city in southern China’s Fujian Province.
“Given the close geographical proximity between Fuzhou and Taiwan, Chinese intelligence services operating in Fuzhou are likely tasked with intelligence collection against Taiwanese targets,” Recorded Future said. “RedJuliett is likely targeting Taiwan to collect intelligence and support Beijing’s policy-making on cross-strait relations.”
The Chinese Communist Party considers Taiwan a part of its territory and has carried out influence operations in an attempt to influence the island’s public opinion and election outcomes.
Chinese state-sponsored threats, such as Salt Typhoon, have also targeted the United States.
Salt Typhoon has compromised at
least eight U.S. telecommunication companies, White House deputy national security adviser Anne Neuberger said on Dec. 4. Major companies such as AT&T, CenturyLink, and Verizon are among
those targeted, as the hackers stole call record metadata from a large number of Americans, including senior U.S. government officials and prominent political figures.
The Associated Press contributed to this report.
