Taiwan's Presidential office website hit with DDoS attack ahead of Pelosi's visit

Several websites run by the government of Taiwan, including the website of Taiwan's Presidential office were disrupted by distributed denial-of-service (DDoS) attacks hours before US House Speaker Nancy Pelosi became the first high-ranking US official to visit the country in 25 years. 

Taiwan Presidential Office spokesperson Chang Tun-Han confirmed the DDoS attack on the office in a post on Facebook, noting that the DDoS attack consisted of 200 times more traffic to the website than normal, and it was carried out by a group from outside Taiwan. 

NBC News reported that other Taiwanese government sites were also down ahead of Pelosi’s visit, including the Ministry of National Defense, the Ministry of Foreign Affairs, and the website of Taiwan Taoyuan International Airport, where Pelosi’s plane landed. 

In a statement, the Taiwanese government said that the websites had been hit with up to 8.5 million traffic requests a minute from a "large number of IPs from China, Russia and other places". 

Doug Madory, director of Internet Analysis at traffic monitoring group Kentik, said that his company had tracked the attacks on the three websites, describing the DDoS incidents as “effective even if they were not record-breaking.” He noted that overall internet traffic for Taiwan looked “pretty normal.” 

John Hultquist, the vice president of Intelligence Analysis at cybersecurity group Mandiant, said in a news report in Politico that the company was tracking an overall increase in Chinese threats against Taiwan. This included two “Chinese information operations” changing tactics to spread disinformation around dangers involved in Pelosi’s visit. 

Not just Taiwanese government, in the first half of 2022, several countries reported attacks on government and financial institutions. The Russia-Ukraine war and the series of attacks (DDoS) on its critical infrastructure was a case in point. The attack targeted the website of the Ministry of Defense and the Ukrainian state services digital portal, Diia, as well as the ATM networks and mobile applications of Oschadbank and PrivatBank, according to the Ukrainian government.  

On March 11, the Chinese state agency Xinhua claimed that cyberattacks were tracked to the United States, Germany, and the Netherlands. These attacks were carried out via computers in China and targeted Ukrainian, Belarusian, and Russian resources. On April 8, the Finnish Ministry of Defense and Foreign Affairs websites were subject to cyberattacks.  

In a June 2022 report, Cloudflare revealed that India was the third largest source of HTTP DDoS attacks in Q2 2022. During the quarter the attacks from India grew by a massive 87%. “For the second quarter in a row, the United States tops the charts as the main source of HTTP DDoS attacks followed by China in second place, and India and Germany in the third and fourth.