Taiwan’s defense science institute entangled in security breach over Chinese cloud service

Country's confidential military technology potentially leaked to China via Baidu Cloud

  6288
Thunderbolt-2000 weapon system (NCSIST photo)

Thunderbolt-2000 weapon system (NCSIST photo)

TAIPEI (Taiwan News) — A procurement flaw has been found at Taiwan’s military technology development institute, and critics say it may have jeopardized the country’s national security because it involved a Chinese cloud service.

For successful bidders for online storage server equipment in 2018, the National Chung-Shan Institute of Science and Technology (NCSIST) required that a Beijing-based cloud service provider, Baidu, be included on a list of cloud service software to be used for backup needs. The incident was first reported by Apple Daily on Monday (July 6).

The requirement meant NCSIST files would be synchronized automatically on the Baidu program. The revelation has stunned people in many quarters, as the leaking of Taiwanese military technology to China poses a grave national security threat, wrote iThome.

In response, the institute released a statement in which it admitted to an IT equipment procurement defect stemming from “personnel neglect” and said those responsible for the incident would be reprimanded. In an attempt to downplay security concerns, it added that the computers in question were not connected to the external network, but it did not provide an assessment of potential information security breaches.

NCSIST is a state-owned institute dedicated to the development, manufacture, and sale of weapons and dual-use technologies. Established in 1965, it has helped design Taiwanese weapons systems such as the AIDC F-CK Indigenous Defense Fighter, AIDC T-5 Brave Eagle jet trainer, Hsiung Feng surface-to-surface missiles, and Antelope air defense system.