Digital attacks against Taiwanese government websites ahead of US House of Representatives Speaker Nancy Pelosi's arrival in Tapei on Tuesday were likely launched by Chinese activist hackers rather than the Chinese government, a cybersecurity research organization said.
The website of Taiwan's presidential office was targeted by a distributed denial of service (DDoS) attack on Tuesday and was at one point malfunctioning, the office said in a statement.
Access to the website was restored within about 20 minutes of the attack, the statement said. Taiwanese government agencies were monitoring the situation in the face of "information warfare," a spokesperson later added.
A government portal website and Taiwan's foreign ministry website were also temporarily taken offline on Tuesday.
Foreign ministry statement
In a statement, the foreign ministry said both websites had been hit with up to 8.5 million traffic requests a minute from a "large number of IPs from China, Russia and other places."
The attacks were ongoing, the statement added.
"Usually it continues for a few days, but they often lose interest within a week. Many of the attacks are motivated by what is written in the Chinese press."
Johannes Ullrich, Dean of Research at the SANS Technology Institute
DDoS attacks work by directing high volumes of internet traffic towards targeted servers in a relatively unsophisticated bid by so-called "hacktivists" to knock them offline.
"These are uncoordinated, random, moral-less attacks against websites that Chinese hacktivists use to get their message across," said Johannes Ullrich, Dean of Research at the SANS Technology Institute, a cybersecurity education and research organization.
"Usually it continues for a few days, but they often lose interest within a week. Many of the attacks are motivated by what is written in the Chinese press," Ullrich added.
The disruptive digital blitz came from hundreds of thousands of IP addresses, tied to devices registered within Chinese commercial internet space, Ullrich said.
A similar cohort of Chinese IP addresses had been scanning the internet for low-level, easily exploitable vulnerabilities since Friday, he added, and did not match the usual activity carried out by Chinese government hackers.