Taiwanese Hackers Accused Of Attacking China

Uploaded on 2025-03-25 in TECHNOLOGY--Hackers, INTELLIGENCE-Hot Spots-China, FREE TO VIEW

China’s top spy agency, the State Security Ministry (MSS), has said that four individuals probably linked to Taiwan’s military are cyber attacking mainland China. The MSS identified the suspects as members of Taiwan’s Information, Communications, and Electronic Force Command (ICEFCOM) within the defence ministry. 

There have been cyber attacks on China targeting key infrastructure, including power grids, water supplies and telecommunications networks since 2023 and the MSS claim that ICEFECOM has hired hackers and cyber security firms to conduct Taiwan government-directed cyber attacks. 

The MSS report revealed the names and photographs of Taiwanese military personnel accused of being ICEFCOM operatives. These include Lin Yushu, head of the Network Environment Research and Analysis Centre of the “Information, Communications and Electronic Force Command”, Cai Jiehong, team leader of the centre, plus two others. 

In a statement the Taiwanese Prime Minister Cho Jung-tai denied China’s allegations, saying MSS had fabricated them “in order to justify their own ongoing cyberattacks against Taiwan.” ICEFCOM said that its operations focus on national defence not cyber attacks on China, claiming that the accusations are aimed at intimidating the Taiwanese people. 

Taiwan and China’s  have a complex historic relationship which extends to cyberspace and Taiwanese security officials have consistently blamed  Chinese hackers for cyber attacks targeting the nation. In return, China accuses Taiwan of conducting cyber operations against the mainland and has recently begun publicly identifying the alleged threat actors behind the attacks. 

China first publicly named alleged Taiwanese hackers in 2024 when the MSS reported on Anonymous 64, a purported hacktivist group that China claims is actually operated by Taipei, according to Dakota Cary, a China expert  at cyber security firm SentinelOne.

Three Chinese cyber security firms QiAnXin, Antiy and Anheng Information have published separate reports detailing the activities of an alleged Taiwan-linked state threat actor tracked as APT-Q-20. They say that the group has been active since 2006 and has targeted government, military, defence, and scientific research institutions in China to obtain sensitive data. 

Gov.CN    |   SCMP   |   Radio Taiwan   |   Focus Taiwan  |  The Record   |   Taiwan National Security Bureau 

Image: Ideogram

You Might Also Read: 

China's Surveillance State Extends Beyond Its Borders:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Combatting Rising AI Attacks With AI-Powered Defences 
MS Windows Zero Day Vulnerability Widely Exploited »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Digitus Biometrics

Digitus Biometrics

Digitus Biometrics is a market leader in biometric access control. We can secure access to any entry point, from the front door to the server rack cabinet.

Planit Testing

Planit Testing

Planit is a leader in Quality Assurance and a specialist in software testing and training services.

BackBox Software

BackBox Software

BackBox is a leading provider of solutions for automated backup and recovery software for security and network devices.

Cyber Security Capital (CS^)

Cyber Security Capital (CS^)

Cyber Security Capital is a consultancy helping to mobilise and empower individuals, corporate leaders and entrepreneurs in cyber security.

Learning Tree International

Learning Tree International

Learning Tree's comprehensive cyber security training curriculum includes specialised IT security training and general cyber security courses for all levels of your organisation including the C-suite.

MrLooquer

MrLooquer

MrLooquer provide a solution to automatically discover the assets of organizations on the internet, determine the level of exposure to attacks and help to manage risk accurately.

National Centre for Cyber Security (NCCS) - Pakistan

National Centre for Cyber Security (NCCS) - Pakistan

National Centre for Cyber Security (NCCS) undertakes cyber security research and plays a leading role in securing Pakistan’s Cyberspace.

National Cybersecurity Society (NCSS) - USA

National Cybersecurity Society (NCSS) - USA

The National Cybersecurity Society is a non-profit organization focused on providing cybersecurity education, awareness and advocacy to small businesses.

M2SYS

M2SYS

M2SYS is a worldwide leader in identification and authentication solutions.

Internetwork Defense (IND)

Internetwork Defense (IND)

Internetwork Defense is a premier provider of Information Security Training and Business Consulting Services in the Mid-Atlantic region.

SecureStack

SecureStack

SecureStack helps software developers find security & scalability gaps in their web applications and offers ways to fix those gaps without forcing those developers to become security experts.

Code Intelligence

Code Intelligence

Code Intelligence offers a platform for automated software security testing to help developers make their software more robust and secure.

Inetum

Inetum

Inetum (formerly Gfi Informatique) is an agile IT services providing digital services and solutions, and a global group that helps companies and institutions to get the most out of digital flow.

appNovi

appNovi

appNovi inventories everything to map the attack surface, identify missing security agents, and prioritize vulnerabilities based on exposure.

TeamT5

TeamT5

TeamT5 Inc. is a leading cybersecurity company dedicated to cyber threat research and solutions.

Orchid Security

Orchid Security

Orchid Security provides unprecedented insight and action to your identity security with the help of advanced technologies like Large Language Models (LLM).