Social and Political Data Science: Introduction

The "Cyber" Factor in Taiwan Elections

Karl Ho
University of Texas at Dallas

Prepared for presentation at the Building the Peaceful Foundation for the Uncertain Taiwan Strait Conference, February 3-4, 2023, Sam Houston State University, Houston, TX

  • Cyber-enable interference of elections on upward trends given the technological advances and digitization in election systems and campaigns.

  • Close to 50 election and referendum cases of cyber interference have been reported in the last decade.

  • China is one of the top state actors engaging in online interference to advance national and geopolitical interests.

  • Taiwan has been the top target, reported to have been intervened for at least three election cycles

Motivation

  • Cyber operations are often coordinated with information operations (cognitive warfare) with other military operations.

  • This study analyzes the impacts of coordinated cyber and information warfare in the upcoming 2024 Taiwan elections

  • We will discuss the implications of cyber interferences in general elections, in particular the 2024 Taiwan elections. 

Motivation

  • Trolls

  • Infiltration

  • Cognitive warfare

  • Advanced Persistent Threat (APT)

Keywords

  1. Russia

  2. China

  3. Iran 

  4. North Korea

Mandiant: The Big Four

China:

Mandiant: The Big Four

Chinese cyber espionage poses a high-frequency and high-magnitude threat to organizations globally, both in the public and private sectors."

China:

Mandiant: The Big Four

Key drivers of Chinese cyber threat activity:

  1. Territorial integrity and internal stability

  2. Regional hegemony

  3. Expanding global political and economic influence.

China does not stop at Taiwan.  It aims at regional and even global interests!

China:

Mandiant: The Big Four

  • Cyber espionage and information operations activity in support of China's national security and economic interests will continue to escalate.

  • In 2022, a pro-People’s Republic of China (PRC) information operations campaign directly targeted commercial entities in an industry of strategic significance to Beijing (e.g. threat to China's rare earth dominance).

Mandiant: The Big Four

  • Cyber espionage groups have had interest in previous Southeast Asian elections and the 2023 elections may prove to be compelling targets.

  • These elections will be used as lures for phishing and social engineering.

  • E.g. Philippine elections were held in 2022 and the government cited 20,000 attempts to attack the automated election systems.

Mandiant: The Big Four

  • Forecast:

    • The Big Four—Russia, China, Iran and North Korea—will be highly active in 2023, using destructive attacks, information operations, financial threats and more.

Cyber attacks in Taiwan by industry, 2022

Source: Netscout

Cyber attacks in Taiwan: DDoS (Distributed Denial of Service)

DDoS Attack Statistics
Attack Frequency 54,096 Attacks
Max Throughput 23 Mpps
Max Bandwidth 196 Gbps
Average Duration 5 Minutes

Source: Netscout

Cyber attacks in Taiwan peak date, 2022

Source: Netscout

Sum Peak Throughput
Date 5/5/2022
Sum Peak Throughput 11,289 Mpps
* peak aggregate throughput in one minute

Cyber attacks in Asia, Jan-June, 2022

Source: Netscout

Highest attack targeting Taiwan Ambassador Bi-Khim Hsiao

Cyber attacks in Asia, Jan-June, 2022

Source: Netscout

Highest attack targeting Taiwan Ambassador Bi-Khim Hsiao

An advanced persistent threat (APT) is a sophisticated, sustained cyberattack in which an intruder establishes an undetected presence in a network in order to steal sensitive data over a prolonged period of time. (Crowdstrike 2022)

Case study:
Advanced Persistent Threat (APT)

An APT attack is carefully planned and designed to infiltrate a specific organization, evade existing security measures and fly under the radar.

APT characteristics:

  1. single-use

  2. short-term impact

  3. high capacity for surprising opponents

Case study:
Advanced Persistent Threat (APT)

Since APT is highly organized and costly, only state actors can afford such operations.

"Since 2010, Mandiant, Fire Eye, Kaspersky and other organizations specializing in international security identified China as the origin of a substantial number of APT." (DeVore and Lee 2017)

Case study:
Advanced Persistent Threat (APT)

Information warfare: Confusion

Source: Manantan 2020, Figure 4 p. 15

PLA incursions and presidential support

Taiwan public responses to PLA aircraft incursions

Social media on COVID vaccines

PLAAF incursions 

PLAAF incursions 

USS Connecticut grounded on the seamount in the South China Sea.

Source: Forbes

Report: Commander Cameron Aljilani "uneven oversight and a poor command"

Impacts on Taiwan elections

  • Like PLAAF incursions, the actual motivation and operations of cyber warfare are under the radar and hardly detectable until the instant of attack. 

  • Cyber warfare is hybrid and coordinated.

  • Goal of such operations is not to "invade" or "take over" Taiwan.

  • No traditional defense is effective against cyber warfare.

Impacts on Taiwan elections

  • 2024 presidential election is critical election for not just Taiwan, but US also. 

  • Both parties must have consensus on cyber strategy:

    • Cyber tools ready for fending against external threat, not for internal partisan gains!

    • Ready for different scenarios created by China hybrid, coordinated warfare, e.g. blockade (invisible), systems compromise

      •  

Impacts on Taiwan elections

  • Public opinion matters

    • Goal is not to tearing down, but tiring down Taiwan

  • Washington and Taipei must understand this is not a chess game with checkmate.
  • Instead it is a Go game.

Instead it is a Go game.

Impacts on Taiwan elections

  • Public opinion matters

    • Goal is not to tearing down, but tiring down Taiwan

  • Washington and Taipei must understand this is not a chess game with checkmate.

Instead it is a Go game.

Chang, Ho-Chun Herbert, Samar Haider, and Emilio Ferrara. 2021. “Digital Civic Participation and Misinformation during the 2020 Taiwanese Presidential Election.” Media and Communication 9(1): 144–57.
DeVore, J Marc R, and Sangho Lee. 2017. “APT (Advanced Persistent Threat)S And Influence: Cyber Weapons And The Changing Calculus Of Conflict.”
Hartnett, Stephen J, and Chiaoning Su. “Hacking, Debating, and Renewing Democracy in Taiwan in the Age of ‘Post-Truth’ Communication.”
Manantan, Mark Bryan. 2020. “The People’s Republic of China’s Cyber Coercion: Taiwan, Hong Kong, and the South China Sea.” Issues & Studies 56(03): 2040013.
Molter, Vanessa, and Renee DiResta. 2020. “Pandemics & Propaganda: How Chinese State Media Creates and Propagates CCP Coronavirus Narratives.” Harvard Kennedy School Misinformation Review 1(3). https://misinforeview.hks.harvard.edu/article/pandemics-propaganda-how-chinese-state-media-creates-and-propagates-ccp-coronavirus-narratives/ (January 28, 2023).
O’Connor, Sarah. “Cyber-Enabled Foreign Interference in Elections and Referendums.”
Wang, Ming-Hung et al. 2020. “Understanding Potential Cyber-Armies in Elections: A Study of Taiwan.” Sustainability 12(6): 2248.

 

References

The "Cyber" Factor in Taiwan Elections

By Karl Ho

The "Cyber" Factor in Taiwan Elections

  • 186