Taiwan Ministry of Civil Service (MOCS) recently disclosed a security incident in a notice shared on their website which affected thousands of individuals. The data breach allegedly exposed the detailed personal information of more than 240,000 civil servants.
Data of about 243,376 people was compromised which included ID numbers, names, national identification numbers, agency information, job designation and the agencies where the civil servants worked. The personal data of the individuals submitted between the dates 1st January, 2005 and 30th June, 2012. were compromised.
Upon discovery, the ministry has reported this action in compliance with the Personal Information Protection Act and to the National Center for Cyber Security Technology. It has also taken preventive measures for controlling access to the information system so that such attacks can be prevented in the future.
Why is the attack concerning for Taiwan cybersecurity?
The whole situation is extremely concerning since Taiwan has been victimized with as many as 10 million cyberattacks with an increasing rate of success. Most of the attacks targeted non-core service systems which were low-grade in nature and included activities such as changing websites or tampering with the information. However, more serious attacks have been observed on core systems.
According to some sources, some of the attacks targeted departments and their websites by intruding into the servers and stole account passwords. Some of the attacks used methods including keylogging, taking screenshots and unpacking related information. This makes cyber-security an issue of national security and requires a robust as well as an immediate action.
Prevention against such cyber-attack threats?
- To minimize the chances of the deployment of a cyber-attack through email and then infecting the network, implement controls such as secure email gateways.
- Limit employee access to data as well as information and limit authority to install the software.
- Security teams should train employees to recognize different cyber-attacks that can steal an organization’s data to access corporate networks and accounts. With security attack simulator and awareness tool like ThreatCop, employees become capable of recognizing different cyber-attacks.
- Users should not be assigned with administrative access unless it is absolutely needed. Those who require administrator accounts should only use them when it is necessary.
- Use application whitelisting which allows systems to execute only those programs that are known and permitted as per the security policy.