The website of Taiwan’s presidential office went dark Tuesday due to an alleged distributed denial-of-service attack, with other government websites also impacted.
Tense moment: The attack took place hours ahead of House Speaker Nancy Pelosi’s visit to Taiwan. The Chinese government threatened to take action to respond to the trip, and Taiwan is reportedly readying air raid shelters in anticipation of a potential Chinese attack.
Taiwan Presidential Office spokesperson Chang Tun-Han confirmed the DDoS attack on the office in a post on Facebook, noting that the DDoS attack consisted of 200 times more traffic to the website than normal, and it was carried out by a group from outside Taiwan.
Bigger attack: NBC News reported that other Taiwanese government sites were also down ahead of Pelosi’s visit, including the Ministry of National Defense, the Ministry of Foreign Affairs, and the website of Taiwan Taoyuan International Airport, where Pelosi’s plane landed.
All three websites were up and running as of publication. Doug Madory, director of Internet Analysis at traffic monitoring group Kentik, said Tuesday that his company had tracked the attacks on the three websites, describing the DDoS incidents as "effective even if they were not record-breaking." He noted that overall internet traffic for Taiwan looked "pretty normal."
John Hultquist, the vice president of Intelligence Analysis at cybersecurity group Mandiant, said Tuesday that the company was tracking an overall increase in Chinese threats against Taiwan. This included two “Chinese information operations” changing tactics to spread disinformation around dangers involved in Pelosi’s visit.
“We anticipate that Chinese actors are also carrying out significant cyber espionage against targets in Taiwan and the U.S. to provide intelligence on the crisis,” Hultquist said.
While he did not link the DDoS attacks to China, Hultquist warned that “on rare occasions, Chinese state actors have been linked to DDoS capability, destructive attack, and possible probing of critical infrastructure. Nonetheless, we believe China is capable of significant cyber attacks inside Taiwan and abroad.”
Low-level: James Lewis, the director of the Strategic Technologies Program at the Center for Strategic and International Studies, downplayed the attacks, noting they were likely not tied back directly to the Chinese government, and describing them as “squeals of rage.”
“DDOS means it is 'patriotic hackers,' amateur Chinese hackers expressing their displeasure,” Lewis said Tuesday. “Fairly normal stuff for Chinese netizens, doesn’t even need official encouragement.”
A spokesperson for the Chinese Embassy in Washington, D.C. did not respond to a request for comment on the attacks. A spokesperson for the White House did not immediately respond to questions around if the Biden administration is tracking cyber threats to Taiwan.