**China-Linked Cyber Attacks on Taiwan’s Critical Infrastructure Surge in 2025**
Taiwan’s National Security Bureau (NSB) reported a sharp escalation in cyber attacks linked to China throughout 2025, averaging 2.63 million daily incidents—a 6% increase from 2024 and a 113% surge since 2023, when official tracking began. The attacks targeted energy, emergency services, hospitals, and semiconductor hubs, including facilities housing TSMC, as part of a broader hybrid warfare strategy.
The NSB’s January 4 report highlighted a deliberate pattern: cyber offensives often coincided with Chinese military exercises, including 40 joint combat readiness patrols near Taiwan in 2025. Of these, 23 were accompanied by intensified hacking, reinforcing Beijing’s dual-pressure tactics—physical intimidation paired with digital disruption. Key political moments, such as President Lai Ching-te’s anniversary speech and Vice President Hsiao Bi-khim’s address to the European Parliament, also saw spikes in malicious activity.
Attack methods included DDoS disruptions, man-in-the-middle data theft, and network infiltration, with the semiconductor sector facing espionage attempts to acquire advanced technology. The NSB assessed these efforts as part of China’s push for technological self-sufficiency and a bid to gain leverage in its competition with the U.S. Beijing, which claims Taiwan as its territory, has denied involvement in hacking but maintains the option of force to assert control. Taipei rejects China’s sovereignty claims, asserting that Taiwan’s future must be decided by its people.
Source: https://voi.id/en/technology/548690
National Security Council, Taiwan cybersecurity rating report: https://www.rankiteo.com/company/national-security-council-taiwan
"id": "NAT1767647348",
"linkid": "national-security-council-taiwan",
"type": "Cyber Attack",
"date": "1/2026",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of geographical region"{'affected_entities': [{'customers_affected': 'General public, critical '
'infrastructure operators',
'industry': 'Public Sector',
'location': 'Taiwan',
'name': 'Taiwan Government',
'type': 'Government'},
{'industry': 'Semiconductor',
'location': 'Taiwan (Science Park)',
'name': 'TSMC (Taiwan Semiconductor Manufacturing '
'Company)',
'type': 'Corporation'},
{'industry': 'Energy',
'location': 'Taiwan',
'name': 'Energy Sector Operators',
'type': 'Critical Infrastructure'},
{'industry': 'Public Safety',
'location': 'Taiwan',
'name': 'Emergency Services',
'type': 'Critical Infrastructure'},
{'industry': 'Healthcare',
'location': 'Taiwan',
'name': 'Hospitals',
'type': 'Critical Infrastructure'}],
'attack_vector': ['Network infiltration',
'Telecommunications compromise',
'Hybrid warfare coordination'],
'data_breach': {'data_exfiltration': 'Indicated (attempts to steal advanced '
'technology)',
'sensitivity_of_data': 'High (strategic technology, '
'government communications)',
'type_of_data_compromised': ['Telecommunications data',
'Advanced semiconductor '
'technology']},
'date_detected': '2025',
'date_publicly_disclosed': '2026-01-04',
'description': "Cyber attacks linked to China against Taiwan's vital "
'infrastructure increased sharply in 2025, averaging 2.63 '
'million attacks per day. The attacks were synchronized with '
'Chinese military exercises and targeted critical sectors such '
'as energy, emergency services, and hospitals. The campaign '
"aims to undermine Taiwan's government stability and social "
'functions as part of a hybrid war strategy.',
'impact': {'brand_reputation_impact': 'Undermined government stability and '
'public trust',
'data_compromised': 'Advanced technology (semiconductor industry), '
'telecommunications data',
'operational_impact': 'Disruption of government and community '
'functions, potential paralysis of critical '
'infrastructure',
'systems_affected': ['Energy sector',
'Emergency services',
'Hospitals',
'Telecommunications networks',
'Science parks (semiconductor industry)']},
'initial_access_broker': {'high_value_targets': ['Semiconductor industry '
'(TSMC)',
'Telecommunications networks',
'Government systems']},
'investigation_status': 'Ongoing',
'lessons_learned': "China's hybrid warfare strategy integrates cyber attacks "
'with military and political pressure to destabilize '
'Taiwan. Critical infrastructure and high-value industries '
'(e.g., semiconductors) are prime targets for '
'technological theft and disruption.',
'motivation': ['Political pressure',
'Technological theft',
'Hybrid warfare',
'Economic disruption'],
'post_incident_analysis': {'root_causes': ['Geopolitical tensions between '
'China and Taiwan',
"China's hybrid warfare strategy",
"Vulnerabilities in Taiwan's "
'critical infrastructure '
'cybersecurity']},
'recommendations': ['Enhance cybersecurity measures for critical '
'infrastructure sectors.',
'Improve coordination between military, government, and '
'private sector for hybrid threat response.',
'Strengthen monitoring and detection capabilities for '
'synchronized cyber-physical attacks.',
'Develop international alliances to counter '
'state-sponsored cyber threats.'],
'references': [{'date_accessed': '2026-01-04',
'source': 'Taiwan National Security Bureau (NSB)'},
{'source': 'DigitalSiber.id (AI-generated translations)'}],
'stakeholder_advisories': 'Government agencies and critical infrastructure '
'operators in Taiwan advised to heighten '
'cybersecurity posture and prepare for synchronized '
'hybrid threats.',
'threat_actor': 'China (alleged)',
'title': "China-Linked Cyber Attacks on Taiwan's Critical Infrastructure "
'(2025)',
'type': ['DDoS', 'Man-in-the-Middle', 'Data Theft', 'Cyber Espionage']}