3 min read

Taiwan's Anti-Communist Classes Return — But the Real Battlefield Is Already Digital

Taiwan's Anti-Communist Classes Return — But the Real Battlefield Is Already Digital

Taiwan's decision to revive Cold War–era political education for its military academy graduates has drawn attention as a symbolic hardening of resolve against Beijing. But while ideological training addresses the human dimension of resilience, the more concrete and continuous confrontation between Taiwan and China is already unfolding in cyberspace — and has been intensifying for years, largely outside public view.

A campaign, not a series of incidents

Taiwan's National Security Bureau (NSB) reported that China's cyber army conducted roughly 960 million intrusion attempts against Taiwan's critical infrastructure in 2025, averaging about 2.63 million attempts per day against organizations designated as critical. That figure itself represents a 6% year-over-year increase, and separately, daily attack volumes have risen 113% since 2023, when Taiwan began publishing this data.

Government networks specifically saw a doubling of daily attacks between 2023 and 2024, from about 1.2 million to 2.4 million, with especially sharp increases in telecommunications (up 650%), transportation (up 70%), and the defense supply chain (up 57%).

The pattern: cyber operations timed to political and military signaling

What distinguishes this from generic cybercrime is the synchronization. The NSB found that of 40 "joint combat readiness patrols" — coordinated deployments of Chinese aircraft and ships near Taiwan — cyberattacks escalated during 23 of them. Attacks also spiked around politically symbolic moments: around President Lai Ching-te's first anniversary in office in May 2025, and when Vice President Hsiao Bi-khim met with European lawmakers in November. Separately, activity peaked in May 2025 to coincide with the anniversary of Lai's inauguration, and the NSB's own conclusion was blunt: Beijing's approach reflects a strategic need to use hybrid threats against Taiwan in both peacetime and any future wartime scenario.

Where the pressure is concentrated

Sector-level data shows deliberate targeting choices rather than opportunistic attacks. Taiwan's energy sector saw a tenfold increase in intrusion attempts compared to 2024, while hospitals and emergency rescue services saw a 54% rise — both sectors where disruption would have immediate, visible effects on civilian life. Meanwhile, finance and water resources actually saw attack volumes drop by 48% and 50% respectively, suggesting a shift in priorities toward targets that maximize public disruption and psychological pressure rather than economic ones.

Beyond infrastructure, Chinese-linked groups such as Flax Typhoon and APT41 have reportedly specialized by sector — spreading a broad campaign across multiple nominally independent hacking clusters — while other operations focus on infiltrating Taiwan's semiconductor manufacturing and military-industrial base to steal commercial and defense secrets. Analysts frame this as preparation for a "cyber-enabled economic warfare" strategy intended to force Taipei's capitulation without a full invasion. 

Disinformation as a parallel front

Alongside network intrusions, Taiwan's security services have documented a large influence-operations effort. The NSB identified more than 10,000 abnormal social media accounts, mostly on Facebook, that spread over 1.5 million pieces of disinformation, much of it attacking the Taiwanese government, promoting pro-China narratives, and working to erode trust in the U.S. as Taiwan's principal security partner. Investigators say these efforts increasingly rely on AI-generated memes and videos amplifying false narratives around sensitive topics like tariff negotiations with Washington. 

An escalating war of accusations

The cyber conflict has also become more overtly diplomatic. In a notable departure from precedent, China's Ministry of State Security publicly released the names, photos, birthdates, and job titles of four alleged Taiwanese military hackers, accusing them of operating out of Taiwan's Information, Communications, and Electronic Force Command and running attacks on Chinese infrastructure since 2023. Taiwan's premier rejected the claims as fabricated, arguing Beijing was using them to justify its own ongoing attacks against Taiwan. A cybersecurity analyst noted that naming alleged foreign hackers publicly is a newer tactic for Chinese authorities, suggesting Beijing sees propaganda value in mirroring the "name-and-shame" approach used by Western governments and researchers.

Why this matters more than symbolic gestures

Analysts studying a potential Taiwan contingency argue cyber operations would not stand alone in a conflict scenario — they'd likely be paired with kinetic action. Cyberattacks are considered most effective when combined with conventional weapons, precision munitions, drones, and electronic warfare, potentially overwhelming defenders through scale and speed. Likely early targets in any escalation include the electric grid and communications infrastructure, including undersea fiber-optic cables and satellite links — both areas already showing disproportionate targeting today. 

Reviving ideological training for Taiwan's officer corps is a visible, largely symbolic signal of resolve. The cyber dimension is the opposite: an unglamorous, continuous, already-operational campaign that doesn't require an invasion to matter, and that both governments are already treating as a live front — one where disruption of hospitals, power grids, and telecoms could be used to coerce without a shot being fired.

Data cited from Taiwan's National Security Bureau annual reports, Infosecurity Magazine, Recorded Future's The Record, IPDEFENSEFORUM, FDD, and CSIS analysis, current as of early-to-mid 2026.