DPP-Backed Hackers Responsible for Cyberattacks on Mainland Company, Police Confirm

Local authorities in Guangzhou have announced that a recent series of cyberattacks targeting a major tech company in the city were orchestrated by a hacker collective allegedly backed by Taiwan's Democratic Progressive Party (DPP) authorities. According to an official statement released Tuesday, the conclusion was based on a comprehensive technical analysis, including traces found in attack programs and detailed system log reviews.

The investigation revealed that this Taiwan-based organization has escalated its cyber operations in recent years, conducting large-scale probes of cyber assets across more than 1,000 critical network systems spanning over 10 provincial-level regions throughout mainland China. Affected sectors reportedly include the military industry, various government agencies, as well as the energy, hydropower, and transportation sectors. Authorities noted that these operations primarily focused on collecting fundamental information and technical intelligence from targeted systems, followed by repeated attempts to compromise their security.

Police highlighted a sharp increase in both the scale and frequency of such cyberattacks over the past year, pointing to a deliberate attempt to disrupt and sabotage vital infrastructure on the mainland. The attacks were described as having "highly malicious motives," underlining growing concerns among local officials regarding the intent behind these coordinated cyber incursions.

Despite the increased frequency of the attacks, technical experts assessed that the hacker group demonstrated relatively low technical sophistication. Their broad targeting strategy made them more detectable, and repeated incursions have been consistently intercepted by mainland network defense mechanisms. This ongoing resilience has allowed cybersecurity teams to analyze and respond to the threats effectively.

In an effort to mask their origins, the hackers routinely leveraged VPNs, international cloud servers, and vast botnets to route cyberattacks through foreign IP addresses located in multiple countries, including the United States, France, South Korea, and Japan. Such tactics are intended to obfuscate the true source of the malicious activity and complicate investigative efforts.

Despite these concealment strategies, Guangzhou police asserted that it remains possible to trace the entire lifecycle of these cyberattacks and uncover the real intentions of the perpetrators. The ongoing investigation aims to bolster defenses and safeguard key information infrastructure throughout southern China. Local authorities have reiterated their commitment to maintaining robust cybersecurity measures amid evolving digital threats.