Taiwan Faces Record Surge in Chinese Cyberattacks in 2025
In 2025, Taiwan experienced an unprecedented wave of cyberattacks, with an average of 2.63 million daily incidents—a 6% increase from 2024 and a 113% jump from 2023, according to a report by Taiwan’s National Security Bureau. The attacks, attributed to Chinese state-linked cyber units, targeted critical infrastructure as part of a broader hybrid warfare strategy amid escalating political and military tensions between Taipei and Beijing.
The cyber offensives were highly coordinated, often aligning with Chinese military exercises and politically sensitive moments in Taiwan. Over 40 joint combat readiness patrols by China saw cyberattack spikes in more than half of the cases, while surges also occurred during key events, such as speeches by President Lai Ching-te and international engagements by Vice President Hsiao Bi-khim. Methods included DDoS attacks to overwhelm systems and man-in-the-middle attacks to intercept data.
Critical sectors bore the brunt of the assaults, including:
- Energy grids and emergency response systems, facing heightened probing and traffic surges.
- Hospitals, banks, and telecommunications networks, straining cybersecurity defenses.
- Technology hubs, particularly semiconductor research parks, raising concerns over intellectual property theft and disruptions to global supply chains.
While Beijing denies involvement, Taiwan views the attacks as a deliberate campaign to undermine government operations, public confidence, and democratic institutions. In response, Taiwan has bolstered its cyber defenses with advanced threat detection, incident response teams, and public-private collaboration, aiming to harden infrastructure and improve resilience.
The attacks extend beyond Taiwan, reflecting a global trend where digital operations serve as tools of geopolitical pressure. Experts warn that unchecked state-backed cyber aggression could destabilize regional security and disrupt international supply chains, banking systems, and communications networks. Addressing these threats, officials argue, will require stronger domestic defenses and international cooperation on threat intelligence and cyber norms.
Taiwan Security Research cybersecurity rating report: https://www.rankiteo.com/company/taiwan-security-research
National Security Bureau cybersecurity rating report: https://www.rankiteo.com/company/national-security-bureau
"id": "TAINAT1767621958",
"linkid": "taiwan-security-research, national-security-bureau",
"type": "Cyber Attack",
"date": "1/2025",
"severity": "100",
"impact": "7",
"explanation": "Attack that could injure or kill people"{'affected_entities': [{'customers_affected': 'General public and critical '
'service users',
'industry': 'Public Sector',
'location': 'Taiwan',
'name': 'Taiwanese Government',
'type': 'Government'},
{'industry': 'Energy',
'location': 'Taiwan',
'name': 'Energy Sector',
'type': 'Critical Infrastructure'},
{'customers_affected': 'Patients and healthcare '
'providers',
'industry': 'Healthcare',
'location': 'Taiwan',
'name': 'Healthcare Sector',
'type': 'Critical Infrastructure'},
{'industry': 'Finance',
'location': 'Taiwan',
'name': 'Banking Sector',
'type': 'Critical Infrastructure'},
{'customers_affected': 'Global supply chains',
'industry': 'Technology',
'location': 'Taiwan',
'name': 'Semiconductor Sector',
'type': 'Technology Hubs'}],
'attack_vector': ['Distributed Denial-of-Service (DDoS)',
'Data Interception',
'Probing Attempts'],
'data_breach': {'data_exfiltration': 'Yes',
'sensitivity_of_data': 'High (e.g., proprietary semiconductor '
'technologies)',
'type_of_data_compromised': ['Telecommunications data',
'Proprietary technologies']},
'date_detected': '2025',
'date_publicly_disclosed': '2025',
'description': 'In 2025, Taiwan faced an unprecedented wave of Chinese '
'cyberattacks targeting its critical infrastructure, with an '
'average of 2.63 million daily incidents recorded. These '
'attacks were coordinated with China’s military exercises and '
'political maneuvers, forming part of a broader strategy of '
"'hybrid warfare' aimed at weakening Taiwan’s social and "
'government systems. Critical sectors such as energy, '
'healthcare, emergency services, and banking were heavily '
'targeted.',
'impact': {'brand_reputation_impact': 'Potential erosion of public confidence '
'in democratic institutions and '
'critical services',
'data_compromised': 'Data interception and theft from '
'telecommunications networks',
'operational_impact': 'Strain on cybersecurity defenses; potential '
'disruptions to public safety and essential '
'services',
'systems_affected': ['Energy services',
'Hospitals',
'Emergency rescue systems',
'Banks',
'Telecommunications networks',
'Semiconductor sector']},
'initial_access_broker': {'high_value_targets': ['Semiconductor sector',
'Government systems']},
'investigation_status': 'Ongoing',
'lessons_learned': 'The need for stronger domestic cybersecurity measures, '
'international collaboration, and resilience building '
'across public and private sectors to counter state-backed '
'cyber threats.',
'motivation': ['Political pressure',
'Disruption of critical infrastructure',
'Theft of proprietary technologies',
'Psychological impact'],
'post_incident_analysis': {'corrective_actions': ['Strengthen cybersecurity '
'infrastructure',
'Improve coordination '
'between government and '
'private sectors',
'Enhance real-time '
'monitoring and threat '
'detection'],
'root_causes': 'Geopolitical tensions, '
'state-backed cyber operations, and '
'strategic hybrid warfare tactics'},
'recommendations': ['Enhance threat intelligence sharing',
'Develop global norms for state behavior in cyberspace',
'Build cooperative defense mechanisms',
'Invest in cutting-edge security tools',
'Educate the public on threat awareness'],
'references': [{'date_accessed': '2025',
'source': 'Taiwan’s National Security Bureau'}],
'response': {'communication_strategy': 'Coordination between government '
'agencies and private-sector '
'cybersecurity experts',
'containment_measures': ['Advanced threat detection',
'Improved incident response teams',
'Real-time monitoring'],
'enhanced_monitoring': 'Yes',
'incident_response_plan_activated': 'Yes',
'remediation_measures': ['Infrastructure hardening',
'Rapid containment tactics']},
'stakeholder_advisories': 'Taiwanese officials emphasize the strategic '
'dimension of these cyber campaigns and the need '
'for coordinated defense efforts.',
'threat_actor': 'Chinese state-linked cyber units',
'title': "Unprecedented Wave of Chinese Cyberattacks on Taiwan's Critical "
'Infrastructure (2025)',
'type': ['DDoS', 'Man-in-the-Middle', 'Network Intrusion', 'Hybrid Warfare']}