TAIPEI, Taiwan — Cyber intrusions traced to China against Taiwan’s critical infrastructure averaged 2.63 million a day in 2025, Taiwan’s National Security Bureau said in a new analysis, Jan. 5, 2026.
The bureau said the activity—often spiking alongside Chinese military and political pressure—fits a broader campaign aimed at disrupting services, weakening public confidence and extracting sensitive data.
Taiwan cyberattacks: what the report says is being targeted
The report, titled “China’s Cyber Threats to Taiwan’s Critical Infrastructure in 2025″, said the steepest year-over-year increases hit energy, emergency rescue services and hospitals. It said exploitation of hardware and software vulnerabilities accounted for more than half of observed activity, alongside distributed denial-of-service attacks, social engineering and supply-chain intrusions.
In its summary of the findings, Focus Taiwan reported that the bureau attributed the campaign to a “cyber army” and said at least 20 ransomware-related cases were identified involving major hospitals in 2025. The bureau did not say how many intrusion attempts succeeded.
How Taiwan cyberattacks are being linked to hybrid pressure
The analysis said cyber activity showed patterns consistent with political and military coercion. It cited a correlation with Chinese military patrols near Taiwan: China conducted 40 “joint combat readiness patrols” in 2025, and cyber activity escalated 23 times during those patrols, the bureau said. It also said intrusions peaked around major political moments, including anniversaries and overseas travel by senior Taiwanese officials.
A Reuters report on the bureau’s findings said the targets included hospitals, energy services and banks, and noted Taiwan’s view that technology theft and disruption attempts are part of Beijing’s long-running pressure campaign. China routinely denies hacking allegations.
Cybersecurity-focused outlets including CyberScoop also highlighted the report’s emphasis on rising pressure against energy and hospital networks and the use of vulnerability exploitation as a dominant tactic.
Continuity: Taiwan cyberattacks have surged before during flashpoints
The 2025 figures extend a trend Taiwan has been documenting publicly. In early 2025, Reuters cited a previous bureau report saying Chinese cyberattacks on Taiwan’s government averaged about 2.4 million a day in 2024—roughly double the prior year’s daily average. That report described repeated targeting of government networks and critical sectors.
And during heightened cross-strait tensions in 2022, Reuters reported that cyberattacks surged in connection with U.S. House Speaker Nancy Pelosi’s visit to Taiwan, with Taiwan’s digital minister saying the volume of attacks spiked far above prior records. That episode included disruptions and online defacements at public-facing organizations.
Taiwan’s new analysis frames those spikes as part of a wider pattern: Taiwan cyberattacks rising not only in volume, but in timing and targeting, in ways the government says are designed to amplify pressure without crossing the threshold of open conflict.
