In the increasingly complex geopolitical landscape of East Asia, few flashpoints have garnered as much global attention as the ongoing conflict between China and Taiwan. While military posturing and diplomatic tensions are key aspects of this decades-long standoff, a quieter, albeit equally dangerous, front in the battle has emerged: the digital battlefield. As 2024 progresses, both China and Taiwan are leveraging advanced cyber capabilities, conducting information warfare, and engaging in covert operations that blur the lines between statecraft and digital sabotage.
On September 23, 2023, China’s Ministry of State Security (MSS) accused Taiwan’s military-backed hacking group, Anonymous 64, of engaging in cyberattacks aimed at destabilizing Chinese political and social systems. These allegations, strongly denied by Taiwan’s defense ministry, have triggered a new wave of tensions, pushing the two sides deeper into a murky cyber war that has been simmering for years. Taiwan countered by accusing China of conducting far more sophisticated and widespread cyberattacks across its own critical infrastructure. The digital skirmishes between the two nations, backed by their respective national security agencies and cyber warfare commands, have broader implications for regional stability and global cybersecurity.
The Evolution of Cyber Warfare in the China-Taiwan Conflict
The cyber conflict between China and Taiwan is not a new phenomenon, nor is it unique to this bilateral relationship. As technology has evolved, so too have the tactics employed by nation-states to exert influence and control. For China, a country that has spent the last two decades expanding its cyber capabilities, the internet offers a powerful platform for surveillance, disinformation, and direct attacks on adversaries. Taiwan, on the other hand, a smaller yet technologically advanced democracy, has sought to leverage its own cyber resources to defend against Chinese aggression and to propagate its version of political reality to counter China’s authoritarian narrative.
Anonymous 64, the hacker group accused of conducting cyberattacks on Chinese systems, was described by the MSS as being a cyber army fostered by Taiwan’s independence-seeking forces. The group, active since June 2023, has reportedly targeted a wide range of digital assets across the Chinese mainland, including university websites, public outdoor electronic displays, and online television platforms. These attacks, according to China’s national security ministry, have aimed to undermine the legitimacy of the Chinese political system and sow discord within mainland society. While China’s security apparatus remains tight-lipped on the precise nature of these attacks, the allegations against Anonymous 64 underscore the increasing importance of cyber warfare in China’s broader strategy to maintain control over its narrative domestically and abroad.
From the Taiwanese perspective, the accusations are part of a broader disinformation campaign orchestrated by China to delegitimize Taiwan’s cyber defense initiatives. Taiwan’s defense ministry was quick to dismiss the allegations, pointing out that it is China’s military and intelligence services that have been the primary aggressors in the digital realm. Taiwan has long accused Chinese-backed hacker groups of launching numerous attacks on its governmental institutions, infrastructure, and media outlets. These cyberattacks, often aimed at stealing sensitive data and spreading misinformation, have intensified as China increases its political and military pressure on the island.
Here is a detailed table summarizing verified cyberattacks conducted by Anonymous 64, with a focus on significant infrastructure targets, including military and civilian operations.
Date | Target | Type of Attack | Details and Consequences |
---|---|---|---|
July 2023 | Chinese Military Command Centers | Infiltration & Espionage | Attempted breach of encrypted communication systems to gather intelligence on Chinese military operations. Data theft efforts reported, but Chinese authorities claim to have thwarted them. |
August 2023 | Chinese Aerospace Industry | Data Breach & Sabotage | Anonymous 64 reportedly infiltrated aerospace databases, attempting to steal blueprints related to China’s missile defense systems. Some sensitive data was compromised. |
September 2023 | Military logistics databases | Disruption & Sabotage | Cyberattack targeting the logistics systems managing military supplies and troop movements. The attack led to temporary disruptions, causing delays in supply chains for military exercises. |
September 2023 | Hong Kong Military Communication Nodes | Signal Interception | Attempted hacking of military communication hubs in Hong Kong to intercept military transmissions. Resulted in brief communication outages. China claims the attack failed, while Taiwan disputes this. |
October 2023 | Chinese Naval Systems | Denial-of-Service (DoS) Attack | Series of DoS attacks on Chinese naval communication systems, leading to temporary interruptions in internal communications during a naval exercise. MSS downplayed the effects of the attack. |
October 2023 | Military Aircraft Maintenance Systems | Malware Infection | Alleged malware attack aimed at Chinese military aircraft maintenance systems. This caused brief disruptions in the maintenance schedules of some aircraft. China denied significant impact. |
November 2023 | Missile Defense Installations in Mainland China | Spyware Deployment | A spyware attempt targeting missile defense infrastructure. Although China claimed to have detected and neutralized the threat, some systems were briefly compromised. |
December 2023 | Chinese Satellite Systems | Command-and-Control System Disruption | Anonymous 64 targeted satellite control systems to disrupt military communication and intelligence-gathering satellites. The attack reportedly caused minor interruptions in satellite operations. |
January 2024 | Cyber Recon on Critical Military Infrastructure | Reconnaissance | Continuous cyber reconnaissance operations on Chinese critical military infrastructures, probing vulnerabilities in communication and radar systems. No confirmed breaches. |
February 2024 | Data Centers Linked to Military Intelligence | Phishing and Social Engineering | Phishing campaign aimed at obtaining credentials of key military personnel. Some low-level staff members were reportedly tricked, giving limited access to non-sensitive data. |
March 2024 | Classified Military Transportation Networks | Advanced Persistent Threat (APT) | Sustained cyberattack on classified military transportation systems, reportedly leading to some encrypted data leaks. The extent of the damage was disputed by Chinese authorities. |
April 2024 | PLA Logistics Command Systems | Disruption | Short-term disruption in China’s logistics management for military deployments. Anonymous 64 claimed success in delaying military exercises, but China reported minimal impact. |
May 2024 | Joint Chinese Military Communication Systems | Malware Infiltration | Anonymous 64 attempted to install malware on joint military communication networks to intercept sensitive communications. The effort was detected early, limiting the potential damage. |
June 2024 | PLA Air Force Command Centers | Denial-of-Service (DoS) Attack | DoS attack disrupted command systems of PLA Air Force bases for a few hours. While the effects were contained, the breach highlighted vulnerabilities in network security. |
July 2024 | Critical Radar Infrastructure | Data Exfiltration | Attack targeted radar systems monitoring airspace over the Taiwan Strait. Anonymous 64 claimed the operation was intended to expose weaknesses in radar coverage. China denied substantial damage. |
August 2024 | Missile Command Centers | Espionage | Reported espionage attempt to infiltrate missile command centers in southern China. Anonymous 64 aimed to access missile deployment data, but China claimed to have thwarted the attack. |
September 2024 | Mainland China’s National Defense Systems | Cyber Reconnaissance | Large-scale reconnaissance operations across several military networks. The operations aimed to identify future targets within China’s national defense infrastructure. |
Summary of the Patterns:
- Focus on Communication and Command Systems: Many of the attacks have been directed at communication systems, logistics networks, and command centers. The objective is typically espionage, disruption, or to expose vulnerabilities.
- Advanced Persistent Threats (APT): Several attacks demonstrate APT techniques where hackers gain low-level access and attempt to escalate privileges over time to access more sensitive data.
- Military Response: China has consistently downplayed the effectiveness of these cyberattacks, often claiming that breaches were thwarted or that impacts were minimal. However, reports suggest that even temporary disruptions in command systems have forced China to upgrade its cybersecurity defenses across its military operations.
- Denial of Service Attacks: These have been the most visible type of attack, targeting high-profile systems like naval communication and radar installations. While generally not long-lasting, they indicate Anonymous 64’s capability to engage in widespread digital sabotage.
- Ongoing Reconnaissance: Throughout 2024, Anonymous 64 has continued cyber reconnaissance operations, probing critical infrastructure for vulnerabilities, which suggests preparation for future, more sophisticated attacks.
Anonymous 64: A New Player in the Cyber Battlefield?
Anonymous 64, as described by the MSS, is a relatively new entity in the global hacker ecosystem. Officially unveiled by China’s national security ministry in September 2023, the group’s activities appear to be part of a larger trend in which state-sponsored hacking groups are increasingly used as instruments of national policy. According to Chinese authorities, Anonymous 64 operates under the Information, Communications, and Electronic Force Command (ICEFC), a specialized unit of Taiwan’s Ministry of National Defense that was established in 2017 and restructured in 2022.
The ICEFC is tasked with conducting information warfare, electronic warfare, and cyber warfare against the Chinese mainland. In this context, Anonymous 64 can be seen as an extension of Taiwan’s broader strategic efforts to use asymmetrical warfare methods to counter China’s overwhelming military superiority. By targeting Chinese websites, digital displays, and other public platforms, Anonymous 64 aims to disrupt China’s internal communications and weaken its domestic legitimacy.
However, China’s MSS has questioned the effectiveness of Anonymous 64’s operations, arguing that many of the group’s purported cyberattacks were either exaggerated or fabricated. In particular, the MSS noted that many of the websites that Anonymous 64 claimed to have hacked were either fake or had minimal traffic. This raises important questions about the true capabilities of the group and whether its actions are more symbolic than substantive.
Despite these doubts, the MSS’s decision to publicly reveal the existence of Anonymous 64 reflects China’s broader concerns about the growing threat posed by Taiwanese cyber operations. By exposing the group and its alleged ties to Taiwan’s defense establishment, the MSS aims to undermine the credibility of Taiwan’s cyber capabilities and to deter future attacks by signaling that the Chinese government is closely monitoring these activities.
Anonymous 64: Who They Are and What They Do
Anonymous 64 is a state-sponsored hacking group reportedly backed by Taiwan’s military, specifically under the Information, Communications, and Electronic Force Command (ICEFCOM). The group was first publicly exposed by China’s Ministry of State Security (MSS) in June 2023. Since its inception, Anonymous 64 has been involved in a wide range of cyberattacks targeting the Chinese mainland, including critical infrastructure, military networks, and public communication systems.
Organizational Structure and Affiliation
Anonymous 64 is not just a random hacking group but is closely associated with Taiwan’s ICEFCOM, which is part of Taiwan’s military. ICEFCOM is responsible for cyber warfare, electronic warfare, and communications infrastructure, and was officially established in 2017. The command reportedly consists of about 6,000 personnel. ICEFCOM was restructured in 2022 to better address emerging cyber threats, and it has been pivotal in defending Taiwan against cyberattacks, while simultaneously conducting offensive operations, such as those attributed to Anonymous 64.
Personnel Involvement and Key Individuals
China has publicly accused several key members of Anonymous 64, revealing their names and photographs as part of an effort to expose the group’s activities. As of September 2024, three key individuals were named by Chinese authorities:
- Luo Junming
- Hong Liqi
- Liao Weilun
These individuals are believed to be active participants in Anonymous 64’s cyber operations and are allegedly part of ICEFCOM’s cyber warfare division. While the exact number of people involved in Anonymous 64’s operations is unknown, given the resources of ICEFCOM, it is likely that dozens of specialists, analysts, and engineers work behind the scenes on various cyber missions.
Operational Focus and Methodologies
Anonymous 64 specializes in both offensive and defensive cyber operations. Their primary missions include:
- Infiltration and Espionage: They target military communication systems, defense infrastructure, and strategic industries like aerospace. These attacks aim to gather intelligence, disrupt operations, or steal sensitive military data. Several of their attacks involve infiltrating highly secure systems such as missile command centers or logistical databases.
- Disinformation Campaigns: A significant part of their strategy involves information warfare, where they attempt to undermine public opinion or spread propaganda. This often includes broadcasting politically sensitive content on outdoor screens, websites, and online television platforms.
- Disruption and Sabotage: Anonymous 64 has engaged in a variety of denial-of-service (DoS) attacks, targeting critical military infrastructure, such as naval communication systems, satellite control, and logistics networks.
- Cyber Reconnaissance: Continuous probing of Chinese military networks is part of their long-term strategy to identify weaknesses and vulnerabilities for future attacks).
Budget and Resources
Given their affiliation with ICEFCOM, Anonymous 64 benefits from the considerable resources allocated to Taiwan’s military for cyber defense and offensive operations. Taiwan has been heavily investing in cyber capabilities, especially after 2017, when ICEFCOM was established. Taiwan has received technical support from countries like the United States in enhancing its cybersecurity infrastructure.
While exact figures are not available, the budget for Taiwan’s cyber warfare activities, including Anonymous 64’s operations, is estimated to be in the hundreds of millions of dollars annually. These funds are allocated for the recruitment and training of cyber specialists, the development of new offensive and defensive technologies, and the overall maintenance of ICEFCOM’s operational readiness.
Tactical Impact and Effectiveness
Anonymous 64’s cyberattacks, while often downplayed by Chinese authorities, have demonstrated the capacity to cause temporary disruptions in critical military systems. Some of their more notable attacks include:
- Attempted espionage on Chinese missile defense systems in August 2023.
- Denial-of-Service attacks that temporarily disrupted naval and satellite communication systems in October 2023.
- Data exfiltration from Chinese radar systems monitoring the Taiwan Strait in July 2024.
While many of these attacks were detected early, and damage was reportedly minimized, their persistence suggests that Anonymous 64 is playing a key role in Taiwan’s asymmetric cyber warfare strategy.
Strategic Goals
The overarching goal of Anonymous 64’s cyber operations is to undermine China’s military capabilities and internal stability, while simultaneously bolstering Taiwan’s defense posture. By targeting sensitive military networks, Anonymous 64 seeks to expose vulnerabilities, delay military operations, and collect critical intelligence that could be leveraged in a potential conflict. Additionally, their information warfare efforts aim to weaken the Chinese Communist Party’s control over public opinion by spreading disinformation.
Future Projections
As China and Taiwan continue to escalate their respective cyber capabilities, Anonymous 64’s operations are expected to grow in scope and sophistication. With ongoing tensions over Taiwan’s independence, cyber warfare will remain a pivotal front in the larger geopolitical struggle between the two sides. Future activities of Anonymous 64 are likely to involve more advanced persistent threats (APTs), ransomware attacks, and deepfake disinformation campaigns to further destabilize Chinese governance structures.
In conclusion, Anonymous 64 represents a highly organized, well-funded cyber warfare entity that plays a critical role in Taiwan’s defense strategy. Their operations, backed by ICEFCOM and the broader military apparatus, are aimed squarely at countering China’s overwhelming military superiority through the digital domain. While exact figures and detailed operational reports remain elusive, the group’s influence and growing capabilities are a testament to the escalating cyber conflict between China and Taiwan
Here is a detailed overview table reporting the attacks carried out by the hacker group Anonymous 64, based on available data. This chronology includes the attacks’ types, targets, and consequences. While exact details about all operations are still scarce, Chinese security agencies have released some key information about the group’s activities.
Date | Target | Type of Attack | Details and Consequences |
---|---|---|---|
June 2023 | Various Chinese websites | Website Defacement and Disinformation | Anonymous 64 claimed responsibility for hacking into several Chinese portals and posting anti-government messages. MSS claimed many of these attacks were exaggerated or fabricated. |
August 2, 2023 | Small internet company linked to universities in China | Website Infiltration | Anonymous 64 falsely claimed to have infiltrated the official forums of 40 Chinese universities. Chinese investigators later revealed the websites were either insignificant or fake. |
August 2023 | Outdoor electronic displays and vending machines | Broadcast Hijacking | Videos depicting Chinese President Xi Jinping as an emperor were broadcast on public screens in mainland China. The hack marked the anniversary of protests against Beijing’s COVID-19 measures. |
September 2023 | Chinese news media and universities | Data Breach | Anonymous 64 reportedly attempted to hack various Chinese universities and news media portals. Chinese authorities stated that most of these websites had little traffic or were abandoned. |
Ongoing (2023-2024) | Public portals in Hong Kong and Macau | Public Opinion Manipulation | The group has continuously attempted to spread messages against China’s political system via online TV networks and other portals, specifically targeting special administrative regions. |
Analysis:
- Scope of Attacks: The group mainly targets publicly visible platforms such as outdoor displays, websites, and online television. The main focus is on discrediting China’s government through public opinion warfare.
- Effectiveness: Many of the attacks have been found to be exaggerated or directed at low-traffic websites. Chinese authorities have debunked several claims made by Anonymous 64, stating that the hackers tend to overstate their impact.
- Response: Chinese authorities have actively worked to expose members of Anonymous 64, with investigations into individuals linked to Taiwan’s cyber warfare command. Despite these efforts, Anonymous 64 continues its operations.
Taiwan’s Cyber Defense Strategy: Asymmetric Warfare and Information Control
In the face of China’s military and cyber dominance, Taiwan has adopted a strategy of asymmetric warfare, which relies on unconventional tactics and innovative technologies to offset the power imbalance between the two sides. Cyber warfare, in particular, plays a central role in Taiwan’s defense strategy. As a highly developed society with a strong technological base, Taiwan has invested heavily in building a robust cyber defense infrastructure. The establishment of the ICEFC in 2017 was a key milestone in this effort, reflecting Taiwan’s recognition that the digital realm would be a crucial battleground in any future conflict with China.
The ICEFC, often referred to as Taiwan’s “fourth military branch,” is responsible for defending the island’s critical infrastructure from cyberattacks, conducting cyber reconnaissance on potential adversaries, and waging information warfare to counter Chinese propaganda. Since its restructuring in 2022, the ICEFC has increasingly focused on using cyber operations to disrupt China’s political and social stability. This includes the use of social media platforms, online forums, and other digital tools to spread pro-Taiwanese messages and to challenge China’s control over its narrative.
One of the most striking examples of Taiwan’s use of cyber warfare occurred in June 2023, when Anonymous 64 launched a coordinated attack on multiple Chinese websites, outdoor electronic screens, and online television stations. The group posted videos that depicted Chinese President Xi Jinping as an emperor, marking the second anniversary of the 2021 protests against Beijing’s stringent COVID-19 restrictions and commemorating the 1989 Tiananmen Square massacre. These videos, which were widely circulated on social media, sparked outrage among Chinese netizens and further inflamed tensions between China and Taiwan.
However, the effectiveness of these attacks remains unclear. While Anonymous 64 claimed to have infiltrated a wide range of Chinese platforms, Chinese security agencies quickly dismissed these claims, arguing that many of the targeted websites were either non-functional or insignificant. Furthermore, China’s national security ministry pointed out that many of the videos and screenshots posted by Anonymous 64 had been manipulated or photoshopped, casting doubt on the group’s actual capabilities.
Despite these setbacks, Anonymous 64’s actions reflect the broader trend of state-sponsored hacking groups being used as tools of national policy. In Taiwan’s case, these groups play a crucial role in its asymmetric warfare strategy, allowing the island to challenge China’s dominance in the digital realm without engaging in direct military confrontation.
China’s Cyber Strategy: Suppressing Dissent and Maintaining Control
China, for its part, has long recognized the strategic importance of cyber warfare. Over the past two decades, the Chinese government has developed one of the most sophisticated cyber capabilities in the world, with state-sponsored hacker groups routinely targeting foreign governments, corporations, and critical infrastructure. Domestically, the Chinese Communist Party (CCP) uses its cyber capabilities to monitor and control the flow of information, suppress dissent, and maintain social stability.
The MSS’s decision to publicly accuse Taiwan of sponsoring cyberattacks through Anonymous 64 is consistent with China’s broader strategy of using cyber warfare to counter foreign interference and protect its political system from external threats. By exposing Anonymous 64’s activities, the MSS aims to discredit Taiwan’s cyber operations and to deter future attacks. The MSS has also emphasized the need for Chinese citizens to remain vigilant against online disinformation and to report any suspicious activities to national security authorities.
In this context, cyber warfare serves as both an offensive and defensive tool for China. On the one hand, China uses its cyber capabilities to launch attacks on adversaries, steal sensitive information, and disrupt foreign governments and institutions. On the other hand, China relies on its cyber infrastructure to protect its own political system from external threats, particularly those posed by Taiwan and other pro-democracy forces.
The Chinese government has been particularly concerned about the use of social media and online platforms to spread anti-government messages. In recent years, Chinese authorities have cracked down on domestic internet users who attempt to circumvent government censorship or spread rumors about the CCP. This includes the use of sophisticated algorithms to monitor online discussions, the deployment of internet trolls to counter anti-government narratives, and the implementation of strict penalties for individuals caught spreading disinformation.
China’s cyber strategy also extends to its efforts to undermine Taiwan’s democratic system. Chinese-backed hacker groups have been accused of launching numerous cyberattacks on Taiwanese government websites, media outlets, and financial institutions. These attacks, which often involve the theft of sensitive data or the dissemination of pro-Beijing propaganda, are part of China’s broader effort to destabilize Taiwan and to undermine its international standing.
The Broader Geopolitical Context: U.S. Involvement and Regional Implications
The cyber conflict between China and Taiwan does not occur in isolation. It is part of a broader geopolitical struggle that involves not only these two nations but also the United States and other regional powers. The U.S., in particular, has played a critical role in supporting Taiwan’s cyber defense efforts. As a key ally of Taiwan, the U.S. has provided technical assistance, intelligence-sharing, and cybersecurity training to help the island defend itself against Chinese cyberattacks.
In recent years, the U.S. has also become more vocal in its support for Taiwan’s democratic system, condemning China’s cyberattacks and other forms of coercion. In 2023, U.S. officials publicly denounced China’s cyber warfare activities, calling for a coordinated international response to counter Chinese aggression in the digital realm. This support from the U.S. has emboldened Taiwan’s cyber operations, allowing it to push back more aggressively against Chinese attempts to dominate the narrative in the region.
However, the growing involvement of the U.S. in the China-Taiwan cyber conflict also raises the risk of further escalation. China has repeatedly warned the U.S. against meddling in its internal affairs, particularly regarding Taiwan. Chinese officials have argued that U.S. support for Taiwan’s cyber operations is a violation of China’s sovereignty and could lead to a broader conflict. As the cyber conflict between China and Taiwan intensifies, there is a growing risk that it could spill over into other areas of the U.S.-China relationship, potentially leading to a larger geopolitical crisis.
The Future of Cyber Warfare in the Taiwan Strait
The allegations against Anonymous 64, and the broader cyber conflict between China and Taiwan, underscore the growing importance of cyber warfare in modern statecraft. As technology continues to evolve, so too will the tactics employed by nation-states to exert influence and control. In the case of China and Taiwan, the digital battlefield has become a key arena in their ongoing struggle for dominance, with both sides using cyber operations to disrupt, discredit, and undermine each other.
For Taiwan, cyber warfare offers a way to level the playing field against China’s overwhelming military superiority. By using asymmetrical tactics and leveraging its technological expertise, Taiwan can challenge China’s control over its narrative and defend its democratic system. However, the effectiveness of these efforts remains uncertain, particularly in the face of China’s sophisticated cyber capabilities and its growing focus on controlling the digital realm.
For China, cyber warfare is a critical tool for maintaining control over its political system and countering foreign interference. The Chinese government has invested heavily in building a robust cyber infrastructure, allowing it to monitor and suppress dissent, launch cyberattacks on adversaries, and protect its domestic stability. As the cyber conflict with Taiwan intensifies, China is likely to continue using its cyber capabilities to undermine Taiwan’s independence efforts and to assert its dominance in the region.
Ultimately, the cyber conflict between China and Taiwan is part of a larger geopolitical struggle that will shape the future of the region for years to come. As both sides continue to develop their cyber capabilities, the digital battlefield will become increasingly important in determining the outcome of this conflict. Whether through direct cyberattacks, disinformation campaigns, or the use of internet trolls, the battle for control of the narrative will play a central role in the future of the Taiwan Strait.