At a glance.
- Cyberattacks hit official websites in Taiwan.
- Selection of UK's next PM delayed by cybersecurity concerns.
- Malware designed to abuse trust.
- Lessons from the cyber phases of a hybrid war.
- CISA releases five ICS security advisories.
Cyberattacks affect three official sites in Taiwan.
Yesterday, as the US Speaker of the House, Representative Nancy Pelosi (Democrat, California 12th District), prepared for her visit to Taiwan, cyberattacks briefly took down at least three Republic of China websites. The New York Times reports, "The official website of Taiwan’s presidential office was attacked around 5 p.m., according to a statement from the office, several hours before Ms. Pelosi’s landing. The site’s traffic shot up to 200 times that of a normal day, leaving the website unable to display any content for 20 minutes. It resumed normal operation after the problems were fixed, according to the statement. Taiwan’s Foreign Ministry website and the main portal website for Taiwan’s government also experienced cyberattacks on Tuesday, according to Joanne Ou, spokeswoman for Taiwan’s Foreign Ministry. Early Wednesday, the websites appeared to have resumed operation, though Ms. Ou said they were still fixing the problems."
The incidents were all distributed denial-of-service (DDoS) attacks, and POLITICO cites various experts who assess them as patriotic hacktivism, not operations carried out directly by the Chinese government. The attacks were consistent with official Chinese expressions of strong and clear disapproval of the Speaker's visit to Taipei, and of vaguer threats of retaliation, but that's also consistent with patriotic hacktivism, as the SANS Internet Storm Center points out. The Washington Post dismisses the incidents as no big deal, saying that the attacks "were probably not all they were cracked up to be."