為達最佳瀏覽效果,建議使用 Chrome、Firefox 或 Microsoft Edge 的瀏覽器。

請至Edge官網下載 請至FireFox官網下載 請至Google官網下載
晴時多雲

    限制級
    您即將進入之新聞內容 需滿18歲 方可瀏覽。
    根據「電腦網路內容分級處理辦法」修正條文第六條第三款規定,已於網站首頁或各該限制級網頁,依台灣網站分級推廣基金會規定作標示。 台灣網站分級推廣基金會(TICRF)網站:http://www.ticrf.org.tw

    《TAIPEI TIMES》 Officials face barrage of cyberthreats

    The Executive Yuan building in Taipei is pictured in an undated photograph.
Photo: CNA

    The Executive Yuan building in Taipei is pictured in an undated photograph. Photo: CNA

    2021/01/27 03:00

    BACKBONE HACKED: The Department of Cybersecurity said that while the unusually high number of unidentified incidents is cause for concern, more analysis is needed

    By Lu Yi-husan and Jonathan Chin / Staff reporter, with staff writer

    The Executive Yuan’s Department of Cybersecurity last month detected 99,293 cybersecurity threats involving the government’s backbone networks, or the highest number of monthly incidents in nearly two years, according to the department’s monthly cybersecurity bulletin.

    The report said that 40 percent of the incidents have yet to be investigated, while 23 percent were confirmed cyberattacks and 18 percent were probes.

    While the amount of cyberattacks and probes falls within expectations, the large number of unidentified incidents is cause for concern, department Director-General Jyan Hong-wei (簡宏偉) said yesterday.

    “In some cases, a judgement cannot be made immediately following an incident report,” he said.

    “These incidents have to be matched against the tracking database, while further analysis and investigation could take time, ranging from many months to a year,” he said.

    “We have to understand what they are: whether they are a novel form of attack or whether they foreshadow a large-scale attack,” he added.

    Fifty-two of last month’s incidents were reported while the incident was happening, and the majority of those were detected by information technology centers, the report said.

    Among these incidents, 53.8 percent involved malware, denial of service attacks and insertion of cryptocurrency mining software, the report added.

    Notably, a state apparatus listed is category A regarding cybersecurity responsibility suffered a breach of its noncore operating system in the form of Domain Name System tunneling, the report said.

    It is believed that a hacker used a Structured Query Language injection technique to attack a platform for renting public venues and obtained system administrator privileges, the report said.

    The affected server was removed from the network and its data was backed up for outside security firms to examine, it said.

    “This incident illustrates the point that hackers might target noncore operating systems for attack,” the report said.

    “This really should not have happened,” Jyan said. “Although most apparatuses are focused on securing core operating systems, the department remains highly concerned with the noncore systems that could become gaps in our defense.”

    “The monthly report is a reminder to government agencies that all systems need to be tested for weaknesses and their vulnerabilities patched,” Jyan added.

    新聞來源:TAIPEI TIMES

    不用抽 不用搶 現在用APP看新聞 保證天天中獎  點我下載APP  按我看活動辦法

    焦點今日熱門

    網友回應

    此網頁已閒置超過5分鐘,請點擊透明黑底或右下角 X 鈕。