On September 23, 2024, China’s National Security Ministry made a startling announcement: a Taiwanese hacking group called “Anonymous 64” had been carrying out cyberattacks against targets in mainland China, Hong Kong, and Macau. The ministry claimed that since the beginning of the year, this group had sought to upload and broadcast content that “denigrates the mainland’s political system and major policies” on websites, outdoor screens, and network TV stations.
According to Chinese state media, “Anonymous 64” is not merely a group of independent hackers but a part of Taiwan’s cyber warfare wing, specifically the Information, Communications, and Electronic Force Command (ICEFCOM) within Taiwan’s Ministry of National Defence. The allegations go further, naming three individuals believed to be active members of the Taiwanese military who are now under investigation by Chinese authorities for their alleged involvement in these cyberattacks.
Taiwan’s Rebuttal and Credibility
ICEFCOM issued a statement categorically rejecting China’s claims, asserting that its focus is solely on national defense and maintaining cybersecurity. The Taiwanese military emphasized that it is, in fact, the People’s Liberation Army that poses a threat to Taiwan’s cybersecurity and undermines regional peace. Taiwan’s stance is clear: these allegations are baseless and potentially a smokescreen for China’s own cyber activities.
This exchange of accusations highlights a fundamental challenge in cybersecurity: attribution. The nature of cyberspace makes it difficult to definitively prove the origin of attacks, allowing for plausible deniability. This ambiguity can be exploited by both state and non-state actors, further complicating international relations.
China’s National Security Ministry claims that its investigation into “Anonymous 64” revealed that many of the websites the group claimed to have accessed were fake or had little to no traffic. Furthermore, they assert that posts showing infiltration of numerous university and media websites were photoshopped. This raises questions about the extent and impact of the alleged cyberattacks, if they occurred at all.
This raises several critical points:
If China’s claims are true, it suggests that “Anonymous 64” might indeed be engaging in a form of psychological warfare, creating the illusion of successful attacks to sow discord and uncertainty.
Within the digital space, evidence can be easily fabricated or manipulated, making it difficult for third parties to independently verify claims.
Even if the attacks were less impactful than claimed, the perception of vulnerability can be just as damaging, potentially eroding public trust in digital infrastructure.
The “Anonymous 64” X (formerly Twitter) account, purportedly set up in June 2023, has shared screenshots of efforts to broadcast videos likening Chinese President Xi Jinping to an emperor, marking the second anniversary of protests against Beijing’s strict COVID curbs, and commemorating the 1989 Tiananmen Square demonstrations. These actions, if genuine, would indeed be provocative from Beijing’s perspective.
Multiple reports indicate that it remains difficult to verify the authenticity of Anonymous 64’s activities and its claimed successes. Chinese state media suggested that many of the websites purportedly attacked by the group were either fabricated or received minimal traffic, casting doubt on the scale of their operations.
Political Transitions and Cyber Allegations
The timing of these allegations and denials is particularly intriguing, coming just months of a significant political transition in Taiwan. On January 13, 2024, Taiwan elected Lai Ching-te from the Democratic Progressive Party (DPP) as its new president, with his May 20, 2024 inauguration. This election marked a historic third consecutive presidential victory for the DPP, a party known for its pro-independence leanings.
Could these allegations be an attempt by China to put pressure on the incoming Lai administration, signaling a tough stance on cross-strait relations from the outset?
The relationship between China and Taiwan has been fraught with tension since the end of the Chinese Civil War in 1949. China considers Taiwan a breakaway province that must be reunified with the mainland, while Taiwan has maintained de facto independence, developing its own democratic system and distinct national identity.
Does the timing suggest an attempt to draw global attention to cross-strait tensions, potentially influencing international support for Taiwan? How might these cybersecurity claims be used internally by both China and Taiwan to rally public support or justify increased defense spending?
China maintains a near-daily military presence around Taiwan, frequently deploying fighter planes, drones, and naval ships. The median line of the Taiwan Strait, long serving as a tacit border, has been increasingly crossed by Chinese military assets, particularly since U.S. House Speaker Nancy Pelosi’s visit to Taiwan in August 2022.
China has called on Taiwan to accept the “1992 consensus”, which asserts that both sides of the Taiwan Strait belong to one China, as a precondition for talks. However, Taiwan’s newly elected president, Lai Ching-te, like his predecessor, has rejected this premise, instead emphasising Taiwan’s de facto independence.
The alleged activities of “Anonymous 64”, whether real or fabricated, highlight the importance of information and disinformation in modern geopolitical conflicts. The ability to control narratives through digital means has become essential in cross-strait dynamics. Whether real or fabricated, these allegations could lead to an escalation in cyber activities from both sides.
This situation may result in a tit-for-tat cycle of cyberattacks and counter-attacks, potentially spilling over into other domains. Both China and Taiwan are likely to bolster their cyber defences in response to these allegations, and this could lead to more robust cybersecurity policies and investments in both offensive and defensive cyber capabilities. However, this arms race in cyberspace could potentially lead to greater instability and mistrust.
As a result, businesses operating in the region may face increased cybersecurity risks and regulatory scrutiny. Companies may need to reassess their cybersecurity strategies and consider the geopolitical implications of their digital infrastructure choices. The incident may spark discussions among other Asian nations about the need for regional cybersecurity cooperation. Countries like Japan and South Korea, which have their own complex relationships with China, may seek to enhance their cyber alliances. This could lead to a fragmentation of the digital ecosystem along geopolitical lines.
As this controversy draws global attention to the cybersecurity dimension of cross-strait tensions; this could lead to increased international involvement, potentially including cyber-related sanctions or diplomatic interventions. As a key ally of Taiwan, the United States may feel compelled to respond to these developments. This could involve increased cybersecurity cooperation with Taiwan or stronger diplomatic stances against China’s cyber activities. However, such involvement could further complicate U.S.-China relations and potentially escalate tensions in the region. Countries in the region will be closely monitoring these developments.
Forward
While the truth behind the “Anonymous 64” allegations may remain elusive, their impact on regional dynamics is undeniable. Both sides will need to navigate this digital minefield carefully, balancing national security interests with the need for stability and cooperation in an increasingly interconnected world.
China’s use of state-run media outlets to disseminate these allegations demonstrates the power of state-controlled narratives in framing cybersecurity threats. This raises questions about the reliability of information and the potential for media to be used as a tool of information warfare.
As the situation evolves, it will be crucial for all parties involved to maintain open channels of communication, work towards establishing clear norms in cyberspace, and prioritize de-escalation to prevent virtual conflicts from spilling into the physical world. International media outlets often strive to present a more balanced view, but they too can be influenced by geopolitical considerations and access to information. The challenge lies in presenting complex cybersecurity issues accurately and impartially to a global audience. The international community, has a role to play in encouraging dialogue and promoting responsible state behavior in cyberspace.
The mention of “Anonymous 64’s” X account highlights how social media platforms have become both a battleground for information warfare and a source of intelligence for cybersecurity analysts. This dual role presents challenges for platform governance and raises questions about the responsibility of social media companies in geopolitical conflicts.
Developing critical thinking skills and the ability to evaluate sources becomes crucial in an era of information warfare. As the situation evolves, it will be crucial for all parties involved to ponder the following:
How can nations distinguish between state-sponsored cyber activities and those of independent hacker groups, and what implications does this have for international relations and the concept of state sovereignty in cyberspace?
In what ways might the increasing prominence of cyber warfare change the nature of geopolitical conflicts, particularly in regions with longstanding tensions like the Taiwan Strait? How does this shift the balance of power between larger and smaller nations?
How can media literacy be improved to help the public navigate conflicting narratives around cybersecurity incidents, especially when they intersect with complex geopolitical issues? What role should education systems and tech companies play in this process?
What role should international organizations play in establishing norms and accountability for state-sponsored cyber activities, and how can these be effectively enforced in a digital landscape that often transcends national boundaries? How might this impact national sovereignty?
How does the concept of “strategic ambiguity”, often employed in traditional geopolitics, translate to the cybersecurity? Is it a viable strategy in the digital age, or does it increase the risk of miscalculation?