CyCraft Report: Taiwan Threat Trends

Understanding the Threats Targeting Taiwan and the Adversarial Techniques, Tactics, and Procedures Taiwan Organizations Face

CyCraft Technology Corp
Mar 19 · 4 min read

Taipei, Taiwan — 19 March 2021 — CyCraft Technology, the fastest-growing cybersecurity firm in Asia, announced the release of their Taiwan Threat Trends Report, which unites the insights and notable observations of CyCraft Taiwan’s incident response (IR), threat hunting, and support teams. The report not only provides an in-depth look into the current state of the Taiwan cybersecurity landscape but also highlights the trending techniques, tactics, and procedures (TTP) employed by threat groups targeting organizations within that landscape.

The CyCraft Taiwan Threat Trends Report reveals the extensive impact the pandemic has had on cybersecurity maturity in Taiwan environments, including government agencies, high-tech firms, top financial institutions, entities in the entertainment industry, semiconductor manufacturers, and other notable targets in critical infrastructure.

Notable findings include:

  • DLP Abuse — As DLP software is widely deployed in sensitive organizations, is daily-used software, and often has high privilege, DLP vendors and customers both need to constantly be striving on hardening security to maintain resilience even in the worst of situations.
  • Trusted Certificate Abuse — Taking a zero-trust approach is an essential step to hardening security. Abusing trusted certificates can be devastating to an environment relying solely on white and blacklists with no behavior monitoring security solution in place. Although abusing trusted certificates is difficult for attackers, it is within the realm of possibility and has been observed multiple times in Taiwan.
  • VPN Abuse — With the global pandemic triggering the dramatic demand for remote work solutions, VPNs have seen a surge in use in 2020 by both organizations and threat actors. VPNs were widely used to construct a jumpbox into an organization’s environment as well as serve as a command and control channel.

“Single solution security controls are not panaceas, be they an isolated server or preventive solutions. Accurate and actionable intelligence, thorough visibility, and automated detection and response are necessary tools to defend against not only modern attacks but also attacks in the coming decade.”

CyCraft, Taiwan Threat Trends

Everything Starts From Security

CyCraft customers can prevent cyber intrusions from escalating into business-altering incidents. From endpoint to network, from investigation to blocking, from in-house to cloud, CyCraft AIR covers all aspects required to provide small, medium, and large organizations with the proactive, intelligent, and adaptable security solutions needed to defend from all manner of modern security threats with real-time protection and visibility across the organization.

Engage with CyCraft

Blog | LinkedIn | Twitter | Facebook | CyCraft

CyCraft secures government agencies, police and defense organizations, Fortune Global 500 firms, top banks and financial institutions, critical infrastructure, airlines, telecommunications, hi-tech firms, SMEs, and more by being Fast / Accurate / Simple / Thorough.

CyCraft powers SOCs using innovative AI-driven technology to automate information security protection with built-in advanced managed detection and response (MDR), global cyber threat intelligence (CTI), smart threat intelligence gateway (TIG) and network detection and response (NDR), security operations center (SOC) operations software, auto-generated incident response (IR) reports, enterprise-wide Health Check (Compromise Assessment, CA), Secure From Home (SFH), and Risk Intelligence (RiskINT) services.

Meet your cyber defense needs in the 2020s by engaging with CyCraft at

Related Resources


Everything Starts From Security