|
Hacking attack on DPP
a potential ‘Watergate’
THREATS: The nature of the classified
information retrieved by hackers targeting the DPP underscores the KMT’s fears
of losing next year’s election, a security expert says
By J. Michael Cole / Staff Reporter
The recent hacking attacks targeting Democratic Progressive Party (DPP)
officials and senior staff at Chairperson Tsai Ing-wen’s (蔡英文) presidential
campaign office could be Taiwan’s version of the Watergate scandal, a former
official in charge of electronic communications for the government has said.
The DPP last week announced that the e-mail accounts of senior officials and
staff at Tsai’s office had been hacked into and that confidential information
had been stolen. In a press release, the party said that an investigation had
traced the attacks back to IP addresses from Xinhua news agency bureaus in
Beijing and Malaysia, addresses in Australia, as well as the Research,
Development and Evaluation Commission (RDEC) in Taipei.
Among those targeted was Alex Huang (黃重諺), deputy director of the party’s Policy
Research Committee, who said he received between 10 and 20 e-mails a day that
looked like they were written by colleagues, but that, once opened, would
automatically install malware that monitors a user’s computer.
A former senior official who handled electronic communication security under
former president Chen Shui-bian’s (陳水扁) administration told the Taipei Times on
condition of anonymity last week that the truly worrying aspect of the recent
attacks was the domestic angle.
The former official, whose e-mail account was among those targeted by hackers,
said the attacks started in March — the same month Tsai officially launched her
presidential campaign — and spiked in May.
Aside from the campaign office and DPP officials, the DPP’s think tank and the
e-mail accounts of academics associated with the party were also targeted, said
the former official, who returned to academia after leaving government and
remains involved with the party.
According to the former official, the nature of the confidential information
targeted by the hackers represented a clear departure from traditional hacking
by China.
Predominantly electoral information, such as campaign promotional material,
event schedules and Tsai’s platform, was accessed by the hackers, he said.
“I don’t think Beijing is very much interested in the DPP’s strategy for social
security,” the former official said, adding that this pointed instead to
possible attempts by the Chinese Nationalist Party (KMT), or its supporters to
steal that information.
Traditionally, Chinese espionage operations against Taiwan, including hacking,
have targeted its foreign policy, potential arms purchases and position on
Taiwan independence.
If the source’s conclusions were correct, this would signify that the domestic
attacks and those originating from overseas were likely unrelated.
Asked if the DPP had faced similar attacks in the lead-up to the presidential
election in 2008, the source said this was not the case.
“Everybody knew back then that the DPP was going to lose the election,” he said,
adding that at the time, the DPP was in power and the nation’s national security
apparatus had “demonstrated its neutrality.”
The possibility that the Ma campaign or someone within the KMT orchestrated the
hacking attacks against Tsai’s campaign would signal great uncertainty within
the KMT regarding Ma’s chances of getting re-elected in January, he said.
However, the source doubted the attack was launched at the executive level, such
as at the RDEC, saying instead that the professional nature of the operation
pointed to the National Security Bureau (NSB).
“They knew what they were doing. Amateur hackers usually limit themselves to
changing content on a page. The attacks against the DPP were far more focused
and information was retrieved,” he said. “They were professionals.”
In his opinion, this was either an NSB job or carried out by a former NSB
official or officials on behalf of the KMT.
Ma’s campaign office told the Taipei Times yesterday its campaign team had been
receiving suspicious e-mails with unknown attachments or Web links since the
office was launched in June, but did not define such situations as hacking
attacks.
Lee Chia-fei (李佳霏), a spokesperson for Ma’s campaign office, said the office had
set up an information security team to handle information leaks and possible
hacking activity, and that the team reminded staff members to be cautious about
suspicious e-mails.
She said the identity of campaign staff, including her and Yin Wei (殷偉), another
campaign spokesperson, had been “hijacked” before, but the team handled the
problem as a regular information security issue that anyone could face when
using the Internet.
Lee dismissed accusations that the campaign office could be involved in hacking
against the DPP and accused the opposition party of manipulating information
security issue for electoral purposes.
“What we do is take precautionary measures when handling e-mails and using the
Internet. We would not manipulate the issue for election campaign purposes or
make groundless accusations against others,” she said.
Lee’s comments contradicted an article headlined “Cyber-attacks targeting KMT,
DPP revealed” published in the KMT-friendly China Post on Wednesday last week —
one day after the DPP made its complaint public — in which Ma’s office was
reported to have “confirmed” it had suffered recent hacking attacks.
However, the office did not provide details or whether any information had been
leaked and told the Post that “time constraints” had prevented them from
“looking into the high number of hacking activities, and [that] to chase after
each case would be futile.”
Meanwhile, a Xinhua spokesperson last week dismissed the allegations that its
offices were behind the attacks against the DPP, calling them “groundless.”
“As a news service provider, we have an impartial and objective stance on the
election of the Taiwan region [sic], and we will never interfere in the matter,”
the spokesperson told the Epoch Times.
“The campaign office of Tsai Ing-wen, without serious verification,
presumptuously claimed Xinhua as a source of the cyber attacks, which terribly
tainted Xinhua’s reputation,” the spokesperson said, adding that IP addresses
can be hijacked to cloak cyber attacks.
Western intelligence agencies worldwide have long suspected Xinhua bureaus and
reporters to act as intelligence officers for Beijing.
ADDITIONAL REPORTING BY MO YAN-CHIH
|
