Cybersecurity Administration Expands Defense Drills to Include B-Level Infrastructure Providers

With rising cyber threats to critical infrastructure, the Cybersecurity Administration (CSA) under the Ministry of Digital Affairs is expanding its critical infrastructure protection team to ensure the operational safety of essential services such as energy, transportation, and healthcare. This year, the cyber defense drills will include B-level critical infrastructure providers for the first time, in addition to A-level providers, focusing on inspecting the security of external equipment assets and strengthening asset management and vulnerability patching. The CSA explains that Taiwan's critical infrastructure is divided into nine areas: energy, water, communications, transportation, finance, emergency services and hospitals, government agencies, science parks and industrial zones, and food. A-level providers are those whose system failure would cause catastrophic impact on public interest or human safety, while B-level providers would cause serious impact. A report by the National Security Bureau indicates that in 2025, cyberattacks by the CCP on Taiwan's critical infrastructure averaged 2.63 million per day, a 6% increase from 2024. The targets are shifting from "information theft" to "impacting public livelihood and social stability." The CSA is utilizing digital ranges to simulate real-world industrial control environments and is leveraging private sector capabilities to enhance overall cybersecurity resilience.