Cyber Incident Victim: Democratic Progressive Party
Date:
Jul 2018
Location:
Taiwan
Summary
The Democratic Progressive Party's official website was compromised by hackers who defaced it with derogatory content in simplified Chinese, including a discriminatory term mocking Taiwanese people and images supporting Tsai Ing-wen's re-election. Attackers replaced the site's branding with a dog's headshot and messages claiming Chinese netizens backed Tsai while threatening to target the Kuomintang next, ridiculing the party's cybersecurity measures. The intrusion occurred during early morning hours, prompting immediate shutdown of the platform which remained offline afterward. Hackers explicitly stated they hadn't accessed confidential data but emphasized the vulnerability of the website's defenses.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On July 3, 2018, between 1:30 a.m. and 2:00 a.m., the Democratic Progressive Party’s (DPP) official website was compromised by hackers who replaced its content with politically charged messages in simplified Chinese characters. The attackers altered the website’s title to a statement declaring, "We don't touch your confidential information, it's not worth it; our next target will be the Kuomintang," explicitly threatening Taiwan’s opposition party. The DPP’s name was maliciously changed to "the party of dhebazi"—a derogatory term meaning "silly" or "stupid" directed at Taiwanese people—accompanied by a dog’s headshot image. Further defacement included phrases such as "Go go Tsai Ing-wen, we Chinese netizens love you. by Q" and a green banner stating, "Go Go Tsai Ing-wen, we Chinese netizens love you. You have to run for re-election and then invite U.S. troops to post on the island." These messages mocked the DPP’s cybersecurity measures while sarcastically endorsing President Tsai Ing-wen’s re-election and implying Chinese support for U.S. military involvement in Taiwan. The attackers’ use of simplified Chinese and references to "Chinese netizens" strongly suggested a mainland Chinese origin.
The DPP immediately shut down its website following the attack, and it remained offline as of the article’s publication later that day. Party spokesperson Kolas Yotaka confirmed the incident at noon on July 3, announcing plans to strengthen cybersecurity protocols. The hack’s primary impact was reputational, leveraging public humiliation through derogatory language and imagery rather than data theft or operational disruption. The attackers emphasized their disregard for the DPP’s confidential information while highlighting vulnerabilities in the party’s digital infrastructure. The incident underscored ongoing cross-strait tensions, with the hackers’ messages simultaneously ridiculing the DPP, threatening the Kuomintang (KMT), and satirizing Tsai Ing-wen’s policies. No technical details regarding the attack vector or the duration of the website’s downtime beyond the publication timeframe were disclosed in available sources.