(Bloomberg) -- Taiwan’s financial system undergirds a $760 billion high-tech economy, but its vulnerability to advanced hacks has raised fears of a worst-case scenario: a full-blown cyberattack from China that sends its currency and markets into a tailspin.

To bolster its online defenses, government officials and financial institutions in Taipei are consulting security experts from the US Treasury Department and working with American cybersecurity company SimSpace Corp. to run simulated cyberattacks, cramming a hypothetical three weeks of digital assaults into an eight-hour drill.

Tabletop cyber exercises are hardly new, even in Taiwan. But the urgency to beef up digital defenses in Taiwan is acute, as the island sits at the center of US-China tensions and has a critical presidential election in January. A victory by the ruling party could prompt Beijing — which views Taiwan as its territory — to take a more aggressive approach toward Taipei. 

“Taiwan has near zero capability to defend itself from these advanced cyberattacks,” said Charles Li, chief analyst at Taiwanese cybersecurity firm TeamT5. He said his firm’s work tracking state-sponsored hackers in Taiwan showed that most of the island’s government agencies and companies attacked last year “did not even notice that they were being hacked.”

Li said that’s because small and medium-sized firms often lack the resources to effectively defend their systems. And despite cybersecurity investments by bigger companies and government agencies, they have still struggled to keep up with the constantly shifting techniques employed by state-sponsored hackers.

The number of state-sponsored attacks has been soaring, more than doubling in three years, according to TeamT5, which has clients from Singapore to the US. Moreover, researchers at cybersecurity firm Fortinet said that Taiwan accounts for about 55% of the billions of malicious cyber threats detected in the Asia-Pacific region this year.

Read More: Google Warns China Is Ramping Up Cyberattacks Against Taiwan

Taiwan’s Ministry of Digital Affairs reported the most common attack is focused on stealing sensitive information and that the frequency and number of threats surge depending upon geopolitical events. 

For instance, during former House Speaker Nancy Pelosi’s visit to Taipei in August 2022, Taiwan “experienced foreign cyberattacks reaching levels 23 times higher than previous peaks” and some government websites temporarily went offline due to the large volume of distributed denial-of-service (DDoS) attacks, according to the ministry. 

That period, which coincided with unprecedented Chinese military drills around Taiwan, highlighted the island’s vulnerabilities.  

“The majority of cases we’re dealing with are espionage attacks, they’re stealing data, and they’re attempting to maintain a persistent presence inside these networks for as long as they possibly can,” said Jon Clay, vice president of threat intelligence at Trend Micro Inc.

Read More: Can China Fight? Putin’s War Underscores Xi’s Military Weakness

Officials at China’s Taiwan Affairs Office didn’t respond to a request for comment. 

Most cyber experts and officials acknowledge that Taiwan still has a lot to improve on when it comes to defending against sophisticated attacks. The latest exercises concluded that Taiwan’s banks still aren’t adequately prepared to meet the threat, according to participants and internal reports. 

“The reality is, they’re getting hammered,” said Lee Rossey, co-founder and chief technology officer at SimSpace. 

The irony of Taiwan’s vulnerabilities is that the island is home to the world’s most advanced chipmaking technology, thanks to a home-grown supply chain network that helped the semiconductor industry flourish. The industry has spent heavily on some of the most sophisticated cybersecurity and physical security measures to guard its intellectual property and factories.

But that hasn’t translated to other sectors of Taiwan’s economy, analysts said.

Read More: Why Taiwan’s 2024 Election Matters From China to US: QuickTake

During the October exercises administered by SimSpace, which Bloomberg observed, banks of computer screens flickered and alarms sounded, while an oversized display at the front of the room highlighted icons of bombs and missiles representing cyberattacks and threats. Camera crews tracked the teams, filming their deliberations and actions to review later.

A cyberattack from China on Taiwan’s financial system is widely seen as a potential prelude to military action. 

Chinese officials have said they would prefer that Taiwan unify with the People’s Republic voluntarily, but they don’t rule out the use of military force to make it happen and consider efforts to formalize the island’s independence a national security threat. President Joe Biden has repeatedly said the US would come to Taiwan’s defense if attacked, prompting protests from Beijing.

Besides Boston-based SimSpace, Taiwan has also had talks with experts from the US Treasury’s Office of Cybersecurity and Critical Infrastructure Protection. That engagement is still in the early stages, but the collaboration is expected to help with intelligence sharing on financial security and build new simulators to mimic large-scale cyberattacks on the finance industry and trading systems, according to people familiar with the plans.

Chinese Hackers

One scenario Taiwan hopes to implement in future drills is a destruction of infrastructure that results in blackouts and communication breakdowns, according to the people. The idea is to simulate the kind of events that might happen during large-scale natural disasters or military conflict. 

Officials want to avoid repeating what happened in 2020 when Taiwan’s biggest oil provider, CPC Corp., as well as Formosa Plastics Corp., were hit by ransomware attacks, which paralyzed their operations and gained access to critical files. Government investigations linked those attacks to the Chinese state-sponsored Winnti Group — or hackers associated with it.

Then, in late 2021, client accounts at several Taiwanese securities firms were infiltrated by unknown hackers, prompting the companies’ back-end trading systems to automatically purchase Hong Kong stocks, according to Taiwan’s financial regulator. An investigation linked the origins of those hacks to the Chinese cyber espionage group APT10. 

China is constantly improving its capability to launch these advanced attacks, said Hank Huang, who runs the Taiwan Academy of Banking and Finance, a government-advised NGO that conducts research projects and trainings for the financial sector.

“There is still a long way to go in strengthening national security-level protection for the financial industry,” Huang said. 

--With assistance from Jing Li.

(Adds additional remarks from analyst in fifth paragraph.)

©2023 Bloomberg L.P.