Leaked Chinese data shows Taiwan potential 'hacker springboard': NICS

Taipei, Oct. 7 (CNA) A recent major leak of surveillance data from China shows Beijing could use Taiwan as a "springboard" for hackers to launch cyberattacks, according to the National Institute of Cyber Security (NICS) under Taiwan's Ministry of Digital Affairs, which urged the public to remain cautious and reduce risks when logging onto Chinese social media.

According to an analysis report released Tuesday by NICS, the leaking of 600GB of data linked to the Great Firewall of China demonstrates that Beijing not only conducts domestic cyber surveillance but also exports such surveillance technologies to foreign countries.

In mid-September, what is being described as the largest leak linked to the Great Firewall of China was posted online with materials reportedly containing source codes, internal communications, work logs, and technical documentation from groups believed to be involved in setting up and maintaining the surveillance system.

Commenting on the data leaks from China, NICS President Lin Ying-der (林盈達) said Chinese online surveillance efforts include the use of virtual private networks (VPN), which are used as network virtualization to extend a private network across a public network, instant messaging services and social media, which can monitor email exchanges, measure data flows and even plant malware to launch cyberattacks.

China has also exported such cyberattack skills to countries such as Cambodia, Pakistan, Ethiopia and Kazakhstan, he claimed.

While these cyberattack skills currently have had limited impact on the everyday life of people in Taiwan, the NISC report said, Taiwan has been targeted by China as a springboard for hackers to launch their attacks. NISC added people in Taiwan should be aware of such risks.

The NISC said when individual Taiwanese log onto popular Chinese social media such as Little Red Book or Xiaohongshu (小紅書), TikTok (抖音) and Weibo (微博), it is possible that other related Chinese social media will connect with these popular apps to obtain the personal data of Taiwanese users which could result in those users being harassed.

When local individuals take trips to any foreign countries with high cybersecurity risks, they should avoid sharing sensitive information and closely follow multi-factor authentication requirements, the NISC added.

When using unfamiliar devices, the NISC said, Taiwanese should limit personal data exposure and permission settings to reduce the risk of identity verification or tracking.

Taiwanese enterprises should also carefully evaluate possible cybersecurity risks faced by their overseas operations and take into account cybersecurity when engaged in cross-border cooperation, to prevent leaks of their technology, the NCIS said.

International news media reported the leaked 600GB of internal files dumped online exposed the inner workings of China's internet censorship and surveillance infrastructure.