Website of Taiwan's presidential office receives overseas cyber attack - source

The website of Taiwan's presidential office was targeted by a distributed denial of service attack on Tuesday and was at one point malfunctioning, the office said in a statement. 

 A man holds a laptop computer as cyber code is projected on him in this illustration picture taken on May 13, 2017. (photo credit: REUTERS/KACPER PEMPEL/ILLUSTRATION/FILE PHOTO)
A man holds a laptop computer as cyber code is projected on him in this illustration picture taken on May 13, 2017.
(photo credit: REUTERS/KACPER PEMPEL/ILLUSTRATION/FILE PHOTO)

Digital attacks against Taiwanese government websites ahead of US House of Representatives Speaker Nancy Pelosi's arrival in Tapei on Tuesday were likely launched by Chinese activist hackers rather than the Chinese government, a cybersecurity research organization said.

The website of Taiwan's presidential office was targeted by a distributed denial of service (DDoS) attack on Tuesday and was at one point malfunctioning, the office said in a statement. 

Access to the website was restored within about 20 minutes of the attack, the statement said. Taiwanese government agencies were monitoring the situation in the face of "information warfare," a spokesperson later added.

A government portal website and Taiwan's foreign ministry website were also temporarily taken offline on Tuesday.

Foreign ministry statement

A pro-US sign is displayed on a tower ahead of U.S. House of Representatives Speaker Nancy Pelosi's expected visit, in Taipei, Taiwan August 2, 2022. (credit: ANN WANG/REUTERS)A pro-US sign is displayed on a tower ahead of U.S. House of Representatives Speaker Nancy Pelosi's expected visit, in Taipei, Taiwan August 2, 2022. (credit: ANN WANG/REUTERS)

In a statement, the foreign ministry said both websites had been hit with up to 8.5 million traffic requests a minute from a "large number of IPs from China, Russia and other places."

The attacks were ongoing, the statement added.

"Usually it continues for a few days, but they often lose interest within a week. Many of the attacks are motivated by what is written in the Chinese press."

Johannes Ullrich, Dean of Research at the SANS Technology Institute

DDoS attacks work by directing high volumes of internet traffic towards targeted servers in a relatively unsophisticated bid by so-called "hacktivists" to knock them offline.

"These are uncoordinated, random, moral-less attacks against websites that Chinese hacktivists use to get their message across," said Johannes Ullrich, Dean of Research at the SANS Technology Institute, a cybersecurity education and research organization.

"Usually it continues for a few days, but they often lose interest within a week. Many of the attacks are motivated by what is written in the Chinese press," Ullrich added.

The disruptive digital blitz came from hundreds of thousands of IP addresses, tied to devices registered within Chinese commercial internet space, Ullrich said.

A similar cohort of Chinese IP addresses had been scanning the internet for low-level, easily exploitable vulnerabilities since Friday, he added, and did not match the usual activity carried out by Chinese government hackers.