Thursday 16 July, 2026
[email protected]
Resilience Media
  • News
    • Events
    • Interview
    • Startups
    • Venture
    • Weekly Digest
  • Resilience Conference
    • Resilience Conference Warsaw 2026
    • Resilience Conference Copenhagen 2026
    • Resilience Conference London 2026
  • About
  • Guest Posts
    • Author a Post
  • Subscribe
No Result
View All Result
  • News
    • Events
    • Interview
    • Startups
    • Venture
    • Weekly Digest
  • Resilience Conference
    • Resilience Conference Warsaw 2026
    • Resilience Conference Copenhagen 2026
    • Resilience Conference London 2026
  • About
  • Guest Posts
    • Author a Post
  • Subscribe
No Result
View All Result
Resilience Media
No Result
View All Result

Understanding China’s cyberthreat to Taiwan’s infrastructure

The aim, for now, is less about causing chaos and more about understanding the vulnerabilities -- and how to exploit them in future

Paddy StephensbyPaddy Stephens
May 29, 2026
in News
city building during daytime
Share on Linkedin

Discussions about Taiwan’s security often focus on the military domain, but in any crisis, the resilience of Taiwan’s critical infrastructure to Chinese cyberattacks would likely be tested.

You Might Also Like

Ukrainian Defense Minister Fedorov resigns in cabinet change

SCOOP: Cambridge Aerospace is closing in on $300M at a $3.4B valuation

Monumental seals up $32M to build out its fleet of construction robots

Information about critical infrastructure is closely guarded, making it difficult to assess Taiwan’s cyberreadiness. But incidents such as one last month, when a Taiwanese college student halted four high-speed rail trains using only off-the-shelf radio equipment, are hardly encouraging.

There is growing concern about China’s escalating cyber pressure on Taiwan and its possible impact in a crisis. In a speech at the CYBERSEC conference in Taipei earlier this month, Lin Ying-Dar, president of the National Institute of Cyber Security, highlighted the risk that any cyberattack could create cascading failures across other sectors.

Also at the conference, Chuck Weissenborn, CTO at Dragos Public Sector, highlighted a new, China-linked cyberespionage group called Azurite that targets Taiwan and several other countries.

“The only reason you need to collect some of the information they are collecting is if you intend to cause an attack,” he said.

In 2025, on average, China’s cyber army launched 2.63 million intrusion attempts per day against Taiwan’s critical infrastructure, according to a report from Taiwan’s National Security Bureau. That is a 6% increase on the previous year, but more than double the figure from 2023.

Amidst this constant barrage of cyberattacks, Taiwan is a country that still functions very well. That, however, may be less indicative of the resilience of the systems and more suggestive of the attackers’ intentions.

The main aim of these cyberattacks, experts say, may well not be chaos – at least for now. Rather, they’re trying to understand Taiwan’s vulnerabilities.

“The aim is to understand the cyber terrain of the critical infrastructure of Taiwan, and know where and what they can turn off at their military time of choosing,” said William Hagestad, a retired lieutenant colonel in the US Marines and expert on Chinese cyberwarfare.

It is mainly about understanding the vulnerabilities and what they can crash, agrees Dr Shih-Hao Chang, an associate professor at National Taipei University of Technology and member of Taiwan’s Cybersecurity Research Center.

And as AI becomes more advanced, it will offer additional tools for both attackers and defenders. Hagestad highlights the “automated hacking” capabilities increasingly available to China. “For example, you could ask AI to construct a series of attacks against all essential services within Taiwan,” he said. “‘Bring me back all of the IP addresses of every telephone central office in the country, and then run an exploit discoverability tool against that, and make it happen on my command.’”

What is China targeting specifically?

“They’re looking at those systems that support the critical infrastructure of the country: water systems, airports, ports,” said Hagestad. “Anything that, if taken out, would cause confusion amongst the civilian population, so they would start to doubt the Taiwanese government’s ability and resolve to protect them against China if it were to invade.”

Once hackers get into a system, one thing they could do is wreak havoc, he acknowledged. “But I don’t think the Chinese military hackers are bent on destruction because they want to preserve Taiwan and its infrastructure,” he continued. They just want to be able to disable it temporarily.

In the report about Chinese cyberthreats to critical infrastructure, Taiwan’s security agency said that energy and hospital sectors experienced the “most significant year-on-year surge in cyberattacks from Chinese threat actors.”

China’s cyber army continues exploiting vulnerabilities in the websites and systems of major hospitals in Taiwan, utilising ransomware to compromise the operation of those hospitals, the report said. Exploitation of hardware and software vulnerabilities accounted for more than half of the intrusion attempts.

It’s worth noting that the figure of 2.63 million daily intrusion attempts from the report is just the cyberattacks that the government is aware of. The actual number of attacks is “definitely higher” than that, said Chang.

These uncounted attacks are the most concerning because they show how clearly the attackers understand the infrastructure. “They already understand what kind of attack you cannot identify,” he said.

Chang added another caveat: the actual number of cyberattacks matters less than the quality of them. In other words, analysis should focus more on what is being targeted and what kinds of weaknesses are being found. The government is not conducting this kind of analysis, he believes, though his team is working on it themselves.

One of the most striking figures from the report is the 1,000% year-on-year rise in cyberattacks on energy infrastructure.

As a report from the Atlantic Council noted in 2024, “several of Taiwan’s critical infrastructures, such as the electric grid and the water system, are significantly centralised or have other notable vulnerabilities … that increases the potential consequences from a successful cyberattack.”

Due to this centralisation, Taiwan’s grid is fragile even in peacetime (see here for a deeper dive on the power grid vulnerabilities), and therefore it is particularly vulnerable in a conflict.

The government is now working to boost its resilience, but increased use of both renewable power and smart grids may create additional cyber vulnerabilities that can be exploited.

The grid and water systems have some amount of redundancy built in. But if an “attack concurrently happens in many places, the whole thing crashes,” warned Chang.

“Once they understand where to use which protocols to control [certain things], they can control the physical devices,” he said. For “some of our [critical infrastructure], maybe they already know how to do that.”

China’s understanding of Taiwan’s critical infrastructure is likely being enhanced by long-standing use of Chinese hardware. One of the risks raised globally around Chinese hardware has been that it will have been designed to send information back to China, giving China a ‘map’ of a system that makes it easier to work out what to attack.

Officially, the Taiwanese government has stopped buying Chinese hardware. In December 2020, the Executive Yuan began prohibiting the use of Chinese information and communications products by government agencies, including software, hardware and services. Many agencies have clauses in their tenders forbidding the purchase of Chinese products.

But this has failed to stop all new purchases, as Chinese-made equipment can easily be resold by Taiwanese companies. In 2024, a Taiwanese contractor and its subsidiary installed banned Chinese-made equipment and devices at four solar power projects sites at three military facilities, according to the Ministry of National Defense’s Armaments Bureau.

And in 2022, an investigation found that banned security and surveillance products from China had entered Taiwan disguised as Taiwanese brands. According to the reporting, later confirmed by a government investigation, Chinese-made surveillance equipment – labeled as “made in Taiwan” – was discovered at Taiwan’s most important industrial park, which is managed by the Ministry of Economics Affairs. The MOEA has stated that the products violated contract and had been replaced, noting also that the systems were not connected to the internet and so posed no information security leak risk.

Meanwhile, older Chinese systems pre-dating the ban may remain in use in parts of the critical infrastructure. Quickly replacing existing hardware and software – which both work perfectly fine – can be challenging, Chang noted, because of the risk that any issues created by installing new systems could lead to disruption.

Typically, organisations running critical infrastructure don’t upgrade their operational technology systems until necessary due to failure, Felix Wu, dean of the College of Electrical Engineering and Computer Science at National Cheng Kung University, told Domino Theory.

Still, Chang says, “we need to define the timeline… to replace, say, 90%” of these Chinese-made systems, suggesting that the government requires this be done within 5 years. But so far, “our government still doesn’t do that.”

 

Tags: ChinaCybersecurityInfrastructuresecurityTaiwan
Previous Post

Weekly Digest: Odd Systems’ new camera, RevEng.ai raises $15M Series A, Germany goes with ChapsVision over Palantir

Next Post

Hermeus logs first supersonic flight for the uncrewed Quarterhorse Mk 2.1 jet

Paddy Stephens

Paddy Stephens

Paddy Stephens is a freelance tech and energy journalist based in Taipei. He has written about Taiwan for the Financial Times, The Economist, and the Wire China, and is the author of The New Space Race Substack.

Related News

Ukrainian Defense Minister Fedorov resigns in cabinet change

Ukrainian Defense Minister Fedorov resigns in cabinet change

byJohn Biggs
July 15, 2026

According to an X report, Ukrainian Defence Minister Mykhailo Fedorov has resigned as part of President Volodymyr Zelensky's latest Cabinet...

UK MoD tests British-built anti-Shahed system in Jordan

SCOOP: Cambridge Aerospace is closing in on $300M at a $3.4B valuation

byIngrid Lundenand1 others
July 15, 2026

Defence tech investing continues to heat up in Europe amid strong calls for re-armament across NATO and the ongoing war...

Robot building a canal wall in The Netherlands

Monumental seals up $32M to build out its fleet of construction robots

byIngrid Lunden
July 15, 2026

Monumental — a construction tech company founded and run by Palantir alums — has raised $32 million to scale its...

view of Earth and satellite

Germany’s space awakening

byPaddy Stephens
July 15, 2026

“Our Achilles’ heel lies in space,” warned German Defence Minister Boris Pistorius at the Berlin Space Conference in September last...

Expeditions leads €15M bet on European defence software startup Project Q

Expeditions leads €15M bet on European defence software startup Project Q

byCarly Page
July 14, 2026

European defence software startup Project Q has raised €15 million in Series A funding less than a year after its...

Helsing opens its first US factory, in West Virginia, to build more HX-2 drones

Helsing opens its first US factory, in West Virginia, to build more HX-2 drones

byIngrid Lunden
July 14, 2026

In July 2025, the US government tested out Helsing drones for the first time during the Project Flytrap exercise in...

Deterrence lies in production capacity and cognitive warfare

NATO DIANA selects ten innovators for its decision superiority challenge

byJohn Biggs
July 13, 2026

NATO’s Defence Innovation Accelerator for the North Atlantic, or DIANA, has selected ten companies to take part in its Decision...

Silhouette of a drone in flight against a orange sunset sky.

Auterion to equip 50,000 Ukrainian strike drones with precision guidance tech

byPaul Sawers
July 13, 2026

Ukraine's drone war has always come down to volume and accuracy — get enough systems onto the battlefield, and get...

Load More
Next Post
Hermeus logs first supersonic flight for the uncrewed Quarterhorse Mk 2.1 jet

Hermeus logs first supersonic flight for the uncrewed Quarterhorse Mk 2.1 jet

Energy, robotics, and defence are driving deep tech growth in the Baltics

Energy, robotics, and defence are driving deep tech growth in the Baltics

Most viewed

InVeris announces fats Drone, an integrated, multi-party drone flight simulator

Uforce raises $50M at a $1B+ valuation to build defence tech for Ukraine

Auterion, the drone software startup, eyes raising $200M at a $1.2B+ valuation

Palantir and Ukraine’s Brave1 have built a new AI “Dataroom”

Twentyfour Industries emerges from stealth with $11.8M for mass-produced drones

Senai exits stealth to help governments harness online video intelligence

Resilience Media is an independent publication covering the future of defence, security, and resilience. Our reporting focuses on emerging technologies, strategic threats, and the growing role of startups and investors in the defence of democracy.

  • About
  • News
  • Resilence Conference
    • Resilience Conference Copenhagen 2026
    • Resilience Conference Warsaw 2026
    • Resilience Conference 2026
  • Guest Posts
  • Subscribe
  • Privacy Policy
  • Terms & Conditions
  • Mission Statement & Code of Practice
  • Press

© 2026 Resilience Media

No Result
View All Result
  • Home
  • About
  • Subscribe
  • Events
  • Guest Posts
  • Interview
  • News
  • Resilience Conference London 2026
  • Resilience Conference Copenhagen 2026
  • Resilience Conference Warsaw 2026

© 2026 Resilience Media

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.