The Ministry of Digital Affairs (MODA) in Taiwan reported 697 information security incidents in the public sector in 2023. According to MODA’s Administration for Cyber Security, agencies are required to report cybersecurity incidents, and these are classified based on their impact on confidentiality and integrity, with severity levels ranging from one to four.
Of the 697 cases, the majority were level one incidents, accounting for 81.78%, while level two incidents made up 15.78% and level three incidents 2.44%. There were no level four incidents reported. The bulk of these incidents, 63.85%, involved illegal intrusions, followed by equipment issues at 12.91%, denial-of-service attacks at 4.88%, and web attacks at 3.37%.
The Administration for Cyber Security identified six primary threats to government agencies based on their analysis. These included email account password breaches, network device breaches, personal data theft through social engineering, supplier maintenance errors, industrial control system vulnerabilities, and the use of cloud services as malicious relay stations.
To mitigate these threats, the administration recommended increasing cybersecurity education and training. They advised users to verify file names and be cautious with attachments, especially those in formats like .zip and .exe, to prevent potential security breaches.
Reference: