A frayed Ethernet cable is displayed in front of binary numbers and the words “cyber security” in an illustration photograph taken on March 8, 2022. Photo: Reuters

CYBERSECURITY: Data transmitted via cables can be intercepted, physically monitored or spied on, so they should be kept within premises, a researcher said

By Wu Che-yu and Esme Yeh / Staff reporter, with staff writer

A Chinese monopoly on local telecommunications in some countries poses a security threat to Taiwan’s overseas missions, an academic has said.

Kuma Academy chief executive officer Ho Cheng-hui （何澄輝） made the remarks following the release of the Ministry of Foreign Affairs’ （MOFA） budget review report for this fiscal year, which said that 14 overseas missions were found to use questionable brands of information and communications technology （ICT）, and 19 use services from questionable telecoms.

The report on “the review and implementation of protective measures for the information security at overseas missions” said that telecom services at 17 missions cannot be replaced due to Chinese companies’ monopoly on local telecom markets.

Aside from the 17 missions, two other missions were found to have installed Chinese social media apps on official mobile phones to collect information and communicate with overseas communities, the ministry said, adding that it has registered the phones and ordered more inspections.

The phones are going to be managed by the ministry personnel according to the “for official use only” principle and may not connect to the ministry’s network, it said.

As the Chinese equipment and services are irreplaceable in some places, the missions’ information security would be reinforced through project management and periodic inspections, it added.

Ho said that overseas missions are supposed to compartmentalize data and messages of different levels, and adopt safer encryption channels to exchange information, but there are still risks as most Chinese services used by the missions have a backdoor.

Sensitive information such as personal documents could be handled elsewhere rather than the duty area, as there might be risks related to the local environment, he said.

The Ministry of Digital Affairs should inspect each overseas mission along with MOFA, or a government agency should be assigned to conduct a general review, he said.

MOFA should provide officials in each mission with information security training, he said.

The inspections can be conducted by task forces or non-governmental information security companies to avoid departmental parochialism, he added.

Overseas missions generally would have their information encrypted, but they should be more careful of personnel’s ICT equipment, said Tzeng Yi-suo （曾怡碩）, assistant research fellow of the Institute for National Defense and Security Research’s Division of Cyber Security and Decision-Making Simulation.

Even data transmitted via cables can be intercepted, physically monitored or spied on, so it is important to keep information within premises, Tzeng said.

新聞來源：TAIPEI TIMES

不用抽 不用搶 現在用APP看新聞 保證天天中獎　 點我下載APP　 按我看活動辦法