Jun 09, 2025 11:54:00

China accuses Taiwan of running five cyber attack groups with US backing

China's National Computer Virus Emergency Response Center released a report stating that 'Taiwan, with the support of the United States, targeted China in cyber attacks over the course of several years, but the attacks were as weak as ants trying to shake a tree.'

Investigation_report_on_Cyberattacks_launched_by_Taiwan_ICEFCOM_EN.pdf
(PDF file)

https://www.cverc.org.cn/head/zhaiyao/Investigation_report_on_Cyberattacks_launched_by_Taiwan_ICEFCOM_EN.pdf

China accuses Taiwan and the US of being feeble hackers • The Register

https://www.theregister.com/2025/06/05/china_taiwan_us_apt_report/?td=rt-3a

In a report titled 'Futility: An Investigation into Cyber Attacks by Taiwan's ICEFCOM (Intelligence and Electronic Warfare Command) and Its APT Actors,' Chinese authorities pointed out the existence of a Taiwan-based hacker group.

ICEFCOM was founded in 2017, and Chinese authorities have pointed out that this organization supports multiple hacker groups (APT groups). According to them, the main purpose of the APT groups is to steal confidential information, including important foreign policy, defense technology, and cutting-edge technology, and sell it to anti-China forces, and they cooperate with the US government and military in cyber warfare and intelligence operations to counter anti-China forces.

China claims to have first identified attacks by one of the groups, APT-C-64, in 2006, and that some of its members have been active in promoting Taiwanese independence since the 1980s. The existence of hacker groups that ICEFCOM claims to be the parent of is widely known in China, and in May 2025, the Guangzhou Municipal Public Security Bureau

issued arrest warrants for 20 suspects, alleging that 'ICEFCOM orchestrated illegal attacks and launched cyber attacks on technology companies in Guangzhou.'

The newly released report criticised ICEFCOM's tactics as sloppy and described the agency as 'as helpless as ants shaking a tree'.

For example, authorities point out that APT groups attempt to plant malware to gather information, but they only exploit known vulnerabilities and have low-level capabilities, with little ability to find new ones.

In addition, the report states that China is highly reliant on 'public resources' - including free or open source code, Trojans, tools, commercial penetration testing frameworks, and publicly available cyber attack techniques and tactics - and lacks the ability to develop its own cyber weapons and tactics.

Chinese officials explained that this tactic allows APT groups to monitor critical infrastructure at a time when key talks are taking place between the United States and Taiwan.