Social and Political Data Science: Introduction

The "Cyber" Factor in Taiwan Elections

Karl Ho

University of Texas at Dallas

Prepared for presentation at the Building the Peaceful Foundation for the Uncertain Taiwan Strait Conference, February 3-4, 2023, Sam Houston State University, Houston, TX

Cyber-enable interference of elections on upward trends given the technological advances and digitization in election systems and campaigns.
Close to 50 election and referendum cases of cyber interference have been reported in the last decade.
China is one of the top state actors engaging in online interference to advance national and geopolitical interests.
Taiwan has been the top target, reported to have been intervened for at least three election cycles

Motivation

Cyber operations are often coordinated with information operations (cognitive warfare) with other military operations.
This study analyzes the impacts of coordinated cyber and information warfare in the upcoming 2024 Taiwan elections
We will discuss the implications of cyber interferences in general elections, in particular the 2024 Taiwan elections.

Motivation

Trolls
Infiltration
Cognitive warfare
Advanced Persistent Threat (APT)

Keywords

Russia
China
Iran
North Korea

Mandiant: The Big Four

China:

Mandiant: The Big Four

Chinese cyber espionage poses a high-frequency and high-magnitude threat to organizations globally, both in the public and private sectors."

China:

Mandiant: The Big Four

Key drivers of Chinese cyber threat activity:

Territorial integrity and internal stability
Regional hegemony
Expanding global political and economic influence.

China does not stop at Taiwan. It aims at regional and even global interests!

China:

Mandiant: The Big Four

Cyber espionage and information operations activity in support of China's national security and economic interests will continue to escalate.
In 2022, a pro-People’s Republic of China (PRC) information operations campaign directly targeted commercial entities in an industry of strategic significance to Beijing (e.g. threat to China's rare earth dominance).

Mandiant: The Big Four

Cyber espionage groups have had interest in previous Southeast Asian elections and the 2023 elections may prove to be compelling targets.
These elections will be used as lures for phishing and social engineering.
E.g. Philippine elections were held in 2022 and the government cited 20,000 attempts to attack the automated election systems.

Mandiant: The Big Four

Forecast:
- The Big Four—Russia, China, Iran and North Korea—will be highly active in 2023, using destructive attacks, information operations, financial threats and more.

Cyber attacks in Taiwan by industry, 2022

Source: Netscout

Cyber attacks in Taiwan: DDoS (Distributed Denial of Service)

DDoS Attack Statistics

Attack Frequency	54,096 Attacks
Max Throughput	23 Mpps
Max Bandwidth	196 Gbps
Average Duration	5 Minutes

Source: Netscout

Cyber attacks in Taiwan peak date, 2022

Source: Netscout

Sum Peak Throughput

Date	5/5/2022
Sum Peak Throughput	11,289 Mpps
* peak aggregate throughput in one minute

Cyber attacks in Asia, Jan-June, 2022

Source: Netscout

Highest attack targeting Taiwan Ambassador Bi-Khim Hsiao

Cyber attacks in Asia, Jan-June, 2022

Source: Netscout

Highest attack targeting Taiwan Ambassador Bi-Khim Hsiao

An advanced persistent threat (APT) is a sophisticated, sustained cyberattack in which an intruder establishes an undetected presence in a network in order to steal sensitive data over a prolonged period of time. (Crowdstrike 2022)

Case study:
Advanced Persistent Threat (APT)

An APT attack is carefully planned and designed to infiltrate a specific organization, evade existing security measures and fly under the radar.

APT characteristics:

single-use
short-term impact
high capacity for surprising opponents

Case study:
Advanced Persistent Threat (APT)

Since APT is highly organized and costly, only state actors can afford such operations.

"Since 2010, Mandiant, Fire Eye, Kaspersky and other organizations specializing in international security identified China as the origin of a substantial number of APT." (DeVore and Lee 2017)

Case study:
Advanced Persistent Threat (APT)

Information warfare: Confusion

Source: Manantan 2020, Figure 4 p. 15

PLA incursions and presidential support

Taiwan public responses to PLA aircraft incursions

Social media on COVID vaccines

PLAAF incursions

USS Connecticut grounded on the seamount in the South China Sea.

Source: Forbes

Report: Commander Cameron Aljilani "uneven oversight and a poor command"

Impacts on Taiwan elections

Like PLAAF incursions, the actual motivation and operations of cyber warfare are under the radar and hardly detectable until the instant of attack.
Cyber warfare is hybrid and coordinated.
Goal of such operations is not to "invade" or "take over" Taiwan.
No traditional defense is effective against cyber warfare.

Impacts on Taiwan elections

2024 presidential election is critical election for not just Taiwan, but US also.
Both parties must have consensus on cyber strategy:
- Cyber tools ready for fending against external threat, not for internal partisan gains!
- Ready for different scenarios created by China hybrid, coordinated warfare, e.g. blockade (invisible), systems compromise

Impacts on Taiwan elections

Public opinion matters
- Goal is not to tearing down, but tiring down Taiwan
Washington and Taipei must understand this is not a chess game with checkmate.
Instead it is a Go game.

Instead it is a Go game.

Impacts on Taiwan elections

Public opinion matters
- Goal is not to tearing down, but tiring down Taiwan
Washington and Taipei must understand this is not a chess game with checkmate.

Instead it is a Go game.

Chang, Ho-Chun Herbert, Samar Haider, and Emilio Ferrara. 2021. “Digital Civic Participation and Misinformation during the 2020 Taiwanese Presidential Election.” Media and Communication 9(1): 144–57.
DeVore, J Marc R, and Sangho Lee. 2017. “APT (Advanced Persistent Threat)S And Influence: Cyber Weapons And The Changing Calculus Of Conflict.”
Hartnett, Stephen J, and Chiaoning Su. “Hacking, Debating, and Renewing Democracy in Taiwan in the Age of ‘Post-Truth’ Communication.”
Manantan, Mark Bryan. 2020. “The People’s Republic of China’s Cyber Coercion: Taiwan, Hong Kong, and the South China Sea.” Issues & Studies 56(03): 2040013.
Molter, Vanessa, and Renee DiResta. 2020. “Pandemics & Propaganda: How Chinese State Media Creates and Propagates CCP Coronavirus Narratives.” Harvard Kennedy School Misinformation Review 1(3). https://misinforeview.hks.harvard.edu/article/pandemics-propaganda-how-chinese-state-media-creates-and-propagates-ccp-coronavirus-narratives/ (January 28, 2023).
O’Connor, Sarah. “Cyber-Enabled Foreign Interference in Elections and Referendums.”
Wang, Ming-Hung et al. 2020. “Understanding Potential Cyber-Armies in Elections: A Study of Taiwan.” Sustainability 12(6): 2248.

The "Cyber" Factor in Taiwan Elections

Cyber-enable interference of elections on upward trends given the technological advances and digitization in election systems and campaigns.

Close to 50 election and referendum cases of cyber interference have been reported in the last decade.

China is one of the top state actors engaging in online interference to advance national and geopolitical interests.

Taiwan has been the top target, reported to have been intervened for at least three election cycles

Motivation

Cyber operations are often coordinated with information operations (cognitive warfare) with other military operations.

This study analyzes the impacts of coordinated cyber and information warfare in the upcoming 2024 Taiwan elections

We will discuss the implications of cyber interferences in general elections, in particular the 2024 Taiwan elections.

Motivation

Trolls

Infiltration

Cognitive warfare

Advanced Persistent Threat (APT)

Keywords

Russia

China

Iran

North Korea

Mandiant: The Big Four

China:

Mandiant: The Big Four

Chinese cyber espionage poses a high-frequency and high-magnitude threat to organizations globally, both in the public and private sectors."

China:

Mandiant: The Big Four

Key drivers of Chinese cyber threat activity:

Territorial integrity and internal stability

Regional hegemony

Expanding global political and economic influence.

China does not stop at Taiwan. It aims at regional and even global interests!

China:

Mandiant: The Big Four

Cyber espionage and information operations activity in support of China's national security and economic interests will continue to escalate.

In 2022, a pro-People’s Republic of China (PRC) information operations campaign directly targeted commercial entities in an industry of strategic significance to Beijing (e.g. threat to China's rare earth dominance).

Mandiant: The Big Four

Cyber espionage groups have had interest in previous Southeast Asian elections and the 2023 elections may prove to be compelling targets.

These elections will be used as lures for phishing and social engineering.

E.g. Philippine elections were held in 2022 and the government cited 20,000 attempts to attack the automated election systems.

Mandiant: The Big Four

Forecast:

The Big Four—Russia, China, Iran and North Korea—will be highly active in 2023, using destructive attacks, information operations, financial threats and more.

Cyber attacks in Taiwan by industry, 2022

Cyber attacks in Taiwan: DDoS (Distributed Denial of Service)

Cyber attacks in Taiwan peak date, 2022

Cyber attacks in Asia, Jan-June, 2022

Cyber attacks in Asia, Jan-June, 2022

An advanced persistent threat (APT) is a sophisticated, sustained cyberattack in which an intruder establishes an undetected presence in a network in order to steal sensitive data over a prolonged period of time. (Crowdstrike 2022)

Case study: Advanced Persistent Threat (APT)

An APT attack is carefully planned and designed to infiltrate a specific organization, evade existing security measures and fly under the radar.

APT characteristics:

single-use

short-term impact

high capacity for surprising opponents

Case study: Advanced Persistent Threat (APT)

Since APT is highly organized and costly, only state actors can afford such operations.

"Since 2010, Mandiant, Fire Eye, Kaspersky and other organizations specializing in international security identified China as the origin of a substantial number of APT." (DeVore and Lee 2017)

Case study: Advanced Persistent Threat (APT)

Information warfare: Confusion

PLA incursions and presidential support

Taiwan public responses to PLA aircraft incursions

Social media on COVID vaccines

PLAAF incursions

PLAAF incursions

USS Connecticut grounded on the seamount in the South China Sea.

Impacts on Taiwan elections

Like PLAAF incursions, the actual motivation and operations of cyber warfare are under the radar and hardly detectable until the instant of attack.

Cyber warfare is hybrid and coordinated.

Goal of such operations is not to "invade" or "take over" Taiwan.

No traditional defense is effective against cyber warfare.

Impacts on Taiwan elections

2024 presidential election is critical election for not just Taiwan, but US also.

Both parties must have consensus on cyber strategy:

Cyber tools ready for fending against external threat, not for internal partisan gains!

Ready for different scenarios created by China hybrid, coordinated warfare, e.g. blockade (invisible), systems compromise

Impacts on Taiwan elections

Public opinion matters

Goal is not to tearing down, but tiring down Taiwan

Instead it is a Go game.

Impacts on Taiwan elections

Public opinion matters

Case study:
Advanced Persistent Threat (APT)

Case study:
Advanced Persistent Threat (APT)

Case study:
Advanced Persistent Threat (APT)