With the U.S. presidential race embroiled in controversy due in no small part to hacked emails revealing intimate details of strategy and opinion, while Taiwan deals with a spectacular heist of local ATMs by Russian hackers based in London, the threat of cyber-attacks spans the globe.
Accordingly, on October 6, AmCham Taipei joined hands with three influential Taiwanese associations – the Information Service Industry Association of the R.O.C. (CISA), the Cloud Computing Association in Taiwan, and Taipei Computer Association (TCA) – to host the 2016 Cybersecurity Forum. Sponsored by Microsoft Taiwan and the FireEye internet security firm, the forum featured notable speakers representing the U.S. FBI, the Executive Yuan’s Department of Cyber Security, the Ministry of Justice, and Deloitte & Touche, as well as industry experts from FireEye, IBM, Intumit, and Microsoft.
The forum opened with recorded remarks by Audrey Tang, the celebrated “hacktivist” and now Minister without Portfolio, who described attacks against Taiwanese government and businesses as “one of the most urgent challenges that we have to deal with.” Tang said that only by assuring cybersecurity “can we realize the full potential” of the internet as a “vibrant force for economic, social and cultural development.”
Rod Morgan, AmCham Technology co-chair and head of Inotera/Micron in Taiwan, introduced the speakers, starting with Joshua Kim, the U.S. FBI legal attaché for Hong Kong-Taipei. According to Kim, a cyberattack follows a general “kill chain,” which starts with reconnaissance of a system for vulnerabilities, proceeds to penetration and delivery of malicious code to take control of the target computers, and ends with data or money theft, or network destabilization.
The Cybersecurity Management Act
Taiwan’s government is developing its Cybersecurity Management Act to establish the legal and regulatory framework to “help government and the private sector to improve cybersecurity and risk management,” noted Jyan Hong-wei, Director-General for the Department of Cybersecurity under the Executive Yuan. Jyan said that while the government has a number of executive orders targeted at improving cybersecurity, the scope of these orders is too narrow and neglects critical infrastructure owned and managed by the private sector.
The new act fills these gaps by offering a comprehensive law covering both central and local government as well as state-owned enterprises and critical infrastructure providers in the private sector. Jyan noted that the proposed law would not cover the private sector as a whole, an assurance that industry welcomed as making the scope of the law more workable. AmCham’s Technology Committee also welcomed his invitation for companies and organizations to provide their suggestions and input.
Wu Fu-mei, deputy director of the Information and Communication Security (ICS) division within the Ministry of Justice, offered a glimpse of the MOJ’s efforts to investigate and combat cybercrime in Taiwan. The ICS employs Taiwan’s first accredited laboratory for computer forensics. This forensics lab is crucial to investigating proliferating cases of “ransomware,” in which a victim’s data is stolen and encrypted and the criminals demand payment for its return, as well as cyberattacks committed by insiders within an organization and APTs (Advanced Persistent Threats), which are ongoing, sophisticated threats such as those presented by China’s infamous hacker army.
Wu’s deputy, Lo Yueng-tien, special agent in the Cyber Crime section, gave a separate presentation detailing the hack of the First Bank ATMs in which an Eastern European gang attempted to steal over US$2 million. Thanks to savvy detective work by Taiwan’s investigators combined with clumsy footwork by the criminals, most of the perpetrators were arrested and the money largely recovered.
Hans A. Barre, senior manager for Risk Advisory with Deloitte & Touche, then gave a presentation reminding corporate leaders to prepare for the inevitability of cyber-attacks and remain actively involved in both prevention and recovery.
A panel discussion moderated by AmCham Technology Committee co-chair Revital Golan followed with participants Vincent Shih, assistant general counsel and GM of Microsoft’s legal affairs division; Hsu Wei-lun, senior manager with IBM Taiwan; JD Chiou, CEO of Intumit, Inc. and a Judicial Yuan advisor; and Jarvett Lin, Greater China manager for FireEye. The panelists stressed the need for every member of an organization to be aware of cybersecurity. Hacking victim First Bank, for example, took all of the right steps towards preventing a cyber-attack, yet access was obtained through a spear-phishing attack. (Recent evidence indicates that the Democratic National Committee emails were likewise hacked through spear phishing.)
Cyberattacks seem to be on the rise, and organizations need to prepare to defend their data as well as mitigate the damage and recover from losses, the panelists said. Vincent Shih of Microsoft starkly divided the world’s companies into two kinds: those that know that they have been hacked and are doing something about it, and those that don’t yet know that they have been hacked.
“That’s the real situation right now,” Shih said. “We need to expand this awareness.”