Overview
- The National Security Bureau logged about 960.6 million intrusion attempts against critical infrastructure in 2025, a 6% rise from 2024 and roughly 2.63 million per day.
- During Dec. 29–Jan. 2 exercises, the CCP paired drills with information operations and cyberattacks, pushing over 19,000 messages and millions of hacking attempts each day.
- Officials say attackers heavily probed industrial control systems and sought malware implantation during scheduled software upgrades at energy companies.
- The NSB named BlackTech, Flax Typhoon, Mustang Panda, APT41 and UNC3886 among the most active groups targeting Taiwan last year.
- Emergency and hospital targets saw intrusion attempts rise by about 54% in 2025, while finance and water resources recorded sharp declines, as Taiwan expands intelligence sharing with 30+ countries and briefs lawmakers on the threat.