China has accused four Taiwanese individuals of being hackers associated with Taiwan’s military cyber force, claiming they were responsible for cyberattacks against Beijing.
The Ministry of State Security (MSS) identified them as members of Taiwan’s Information, Communications, and Electronic Force Command (ICEFCOM), publishing their names, photographs, birthdates, and job titles. The accusations add another layer of tension between the two nations as tensions between the two nations continue to remain hostile.
China’s Allegations Against Taiwan’s ICEFCOM
According to China’s MSS, ICEFCOM has been involved in cyberattacks targeting China’s critical infrastructure. The ministry stated that Taiwan’s cyber force, also known as the “Internet Army” has been working with external hackers and cybersecurity firms to launch cyber espionage and infiltration campaigns.
“Their activities include espionage, sabotage, and propaganda,” the MSS said.
Since its establishment, ICEFCOM has conducted targeted cyberattacks and infiltration operations against critical Chinese infrastructure, the MSS stated in an official release. China claimed that the attacks focused on systems controlling waterworks, power grids, telecommunications networks, and surveillance cameras, aiming to disrupt national stability.
The MSS also accused ICEFCOM of attempting to breach databases containing sensitive information on Chinese citizens, government officials, and military operations. Beijing labeled these activities as part of Taiwan’s broader intelligence-gathering efforts, allegedly backed by foreign entities.
Taiwan Rejects Claims, Calls China the Real Cyber Aggressor
Taiwan’s Ministry of National Defense swiftly rejected China’s accusations, calling them an attempt to shift blame. Taiwan has repeatedly stated that its cyber units focus on defensive measures rather than offensive operations.
The military’s cybersecurity forces do not engage in cyberattacks, Taiwan’s defense ministry said in a statement. Taipei accused Beijing of fabricating claims to justify its own cyber activities against Taiwan.
Taiwan recently released its own report detailing Beijing’s cyber tactics over the past year. Taiwan’s National Security Bureau (NSB) stated that cyberattacks against Taiwan’s government departments averaged 2.4 million per day in 2024. The report suggested that China’s state-sponsored hackers have been refining their cyber warfare techniques to exert political and economic pressure on Taipei.
China’s Cyberattack Techniques in 2024
Taiwan’s NSB report outlined the key methods China used in its cyber operations throughout 2024. The tactics ranged from phishing campaigns to large-scale data breaches designed to compromise government and military networks.
One of the primary strategies involved Advanced Persistent Threat (APT) groups linked to the Chinese government. These groups infiltrated Taiwanese organizations using malware-laced emails and trojanized software updates. Some of the most sophisticated attacks targeted supply chain vendors, allowing hackers to bypass traditional security measures and infiltrate government networks undetected.
China also leveraged artificial intelligence (AI)-driven cyber tools to automate large-scale attacks. AI-enhanced malware adapted in real time, making it harder for cybersecurity teams to detect and neutralize threats. The NSB report noted that China’s hackers used generative AI models to craft realistic phishing emails that closely mimicked official government communications, deceiving even experienced professionals.
Another concerning development was China’s increasing use of zero-day exploits—previously unknown software vulnerabilities that hackers used before they could be patched. Beijing’s cyber units deployed these exploits against Taiwan’s critical infrastructure, targeting national defense systems, financial institutions, and telecom providers.
Growing Cyber Conflict Between Beijing and Taipei
Taiwan has long been a focal point of Chinese cyber operations, but the scale and sophistication of attacks in 2024 marked a significant escalation following the physical tensions between the two nations. Chinese hackers reportedly infiltrated multiple Taiwanese defense contractors, attempting to extract classified military research and technology blueprints.
The growing cyber conflict has also impacted Taiwan’s private sector. The NSB noted that Chinese threat actors carried out ransomware attacks against Taiwanese semiconductor firms, aiming to disrupt one of the world’s most crucial industries. Additionally, Beijing allegedly sought to manipulate Taiwanese social media platforms, spreading disinformation to sway public opinion ahead of key political events.
With China publicly accusing Taiwan of cyberattacks and Taiwan providing detailed evidence of Beijing’s own operations, tensions in cyberspace continue to rise. Both nations remain locked in a digital conflict where information warfare plays a crucial role in their broader geopolitical struggle.
China’s allegations against Taiwan come amid an increasingly hostile landscape in the Asia-Pacific region. While Beijing has labeled Taiwan’s ICEFCOM as a cyber threat, Taipei maintains that China is the real aggressor, orchestrating millions of daily attacks. Taiwan’s latest findings reveal that China’s cyber capabilities are evolving rapidly, incorporating AI, zero-day exploits, and supply chain attacks to gain strategic advantages.
As cyberwarfare becomes a critical battleground, both nations are likely to continue investing in offensive and defensive cyber capabilities, experts suggest.
