Taiwan’s Energy Sector Under Siege: China’s Attacks Escalate by Tenfold

Taiwan’s Energy Sector Faces Tenfold Increase in Cyberattacks from China

In a recent report by Taiwan’s National Security Bureau, it was revealed that China’s cyberattacks on Taiwan’s energy sector surged exponentially in 2025 compared to the previous year. The attacks targeted critical infrastructure across nine key sectors, with a notable 6% increase in total cyber incidents linked to China.

The most alarming spike in cyberattacks was observed in the emergency rescue and hospitals sectors, experiencing a 54% increase, while the communications and transmissions sectors saw a 6.7% rise in incidents.

Despite the consistent threat activity on industrial parks and food sectors, there was a slight decrease in cyber incidents targeting administration agencies. The finance and water resources sectors also experienced a significant reduction in cyberattacks.

The NSB emphasized that the energy sector bore the brunt of the cyber onslaught, witnessing a staggering 1,000% increase in cyberattacks in 2025 compared to the previous year.

According to Taiwan’s National Security Bureau, many of the cyberattacks were coordinated with military activities, particularly during major political events, government announcements, and overseas visits by senior officials.

The report highlighted four prominent attack methods, with a focus on exploiting hardware and software vulnerabilities. Other tactics included distributed denial-of-service (DDoS) attacks, social engineering, and supply-chain incidents.

Specifically targeting the energy sector involved attacking industrial control systems and monitoring for opportunities to inject malware during planned software upgrades.

The NSB’s report stated, “China’s cyber army intensively probes into the network equipment and industrial control systems of Taiwan’s public-owned and private energy companies, including those in the petroleum, electricity, and natural gas sectors.”

See also  Evertrust Secures €10 Million in Funding to Fuel Growth in the European Digital Trust Sector

The communications sector faced adversary-in-the-middle (AitM) attacks and persistent access through network flaws, while government agencies were targeted with phishing and data theft. The tech sector experienced supply-chain and social engineering attacks aimed at stealing advanced chip and industrial technologies data.

The NSB attributed the cyber activity to Chinese hacker groups such as BlackTech, Flax Typhoon, Mustang Panda, APT41, and UNC3886.

The agency is actively collaborating with over 30 countries that recognize China as a significant cyber threat, engaging in intelligence sharing and joint investigations on malicious infrastructure.

From cleaning up old keys to setting guardrails for AI-generated code, this guide helps your team build securely from the start.

Download the cheat sheet and streamline secrets management.

Download Now