TAIPEI (Taiwan News) — The Administration for Cyber Security disclosed in its June report that a government agency’s internet phone system was compromised after hackers cracked the password of its call routing device, resulting in fraudulent outgoing calls.

This marks the first known case in Taiwan where a telecom cost-saving device’s password was breached and exploited for unauthorized use, the administration told CNA.

The compromised device, designed to route calls over the internet instead of traditional landlines to reduce expenses, was manipulated by attackers to display the government agency’s phone number. This misled recipients into believing the calls were official.

An investigation revealed that the unauthorized calls originated from external IP addresses. The breach was caused by a weak password on the agency’s call routing device, which was vulnerable to brute-force attacks.

Following the incident, the agency conducted an internal review and confirmed that no core information or communication systems were compromised. However, the device has been discontinued to prevent further security risks.

To mitigate such risks, the administration emphasized that remote access to equipment should only be granted after a formal review and approval process, limited to a clearly defined timeframe, and continuously monitored for any abnormal activity. Additionally, default usernames and passwords found in device manuals must be changed immediately upon deployment.

Agencies are also advised to regularly update device software and conduct lifecycle management to identify and retire outdated or unsupported devices that no longer receive security patches.