Deputy Minister Yi-Jing Lin of the Ministry of Digital Affairs (the MODA) stated that in response to the new types of fraud and cybersecurity challenges brought by AI technology, the MODA employs advanced technological approaches to combat AI-driven fraud. This includes rapidly identifying fraudulent messages, predicting and preventing potential fraudulent activities, and curbing the spread of AI-based online fraud. MODA enhances the country’s digital security capabilities through cybersecurity technology research and defense drills.

The National Institute of Cyber Security (NICS)  under MODA points out that generative AI has automated the generation of fraudulent texts. Robot accounts widely disseminate fraudulent advertisements, leaving comments and liking posts, creating a false impression of popular support for the articles. These robot accounts also post in social groups and communities, expanding their reach and influence. These accounts frequently change user information, personal profiles, photos, and activity patterns to disguise their true identities.to evade detection by relevant authorities,

Vice President Ying-Dar Lin of NICS stated we need to use AI to combat AI. According to AI detection results, approximately 16,000 fan page accounts have posted fraudulent advertisements. By randomly sampling 1,000 of these pages, it is found that they share similar features with approximately 100,000 other pages that still need to disseminate fraudulent ads. This fact suggests that behind the 16,000 pages involved in fraud, there could be about 1.6 million accounts ready to be deployed; terming them a million robot army is quite accurate. They post 5,000 to 10,000 fraudulent ads daily that only last 1-2 days, creating an illusion of diversity and popularity among audiences and exploiting echo chambers for free dissemination.

Regarding addressing the source of AI fraud, Vice President Lin further explains that end-point cleaning strategies can only remove fraudulent ads, but they need to be fast and automated enough to handle thousands of ads daily. It is not feasible to manage 1.6 million robot accounts. The source-combating strategy requires ad agencies to implement a second layer of verification for fan page accounts when they post ads, not just platform operators verifying ad agencies in the first layer. The recently passed anti-fraud law has provided legal tools for the above strategies.

Manager Yu-Hsien Chiang of the Digital Information Division at NICS added that MODA had commissioned the institute to develop anti-fraud technologies, including fraud keyword extraction, data mining, and message tracing, by integrating extensive data analysis, artificial intelligence, and machine learning technologies to effectively assist relevant units in quickly identifying and analyzing potential fraud threats. While AI technology can also create deceptive texts, videos, and images, it can provide robust detection and filtering tools to identify and remove robot accounts. Combating evolving fraud methods requires multi-faceted efforts involving technology, regulations, and international cooperation.

MODA stated that in addition to addressing current fraud concerns, it is committed to enhancing Taiwan’s overall digital environment, security, and resilience. MODA has mandated the NISC to regularly conduct network offensive and defensive drills for government systems to address common vulnerabilities identified during these exercises, such as authentication and verification mechanism failures, injection attacks, ineffective access controls, insecure configuration settings, and encryption mechanism failures. This equips systems with emergency response, recovery, and coordination control capabilities when cybersecurity incidents occur.

The cybersecurity of critical infrastructure and industries is also a key focus for MODA. The Shalun Information Security Service Base of the Administration for Digital Industries showcases cybersecurity scenarios for smart IoT, critical infrastructure, and smart manufacturing. The smart IoT scenario demonstrates access control systems that have passed security testing to prevent hackers from bypassing access controls using replayed codes. The critical infrastructure scenario simulates hackers conducting man-in-the-middle attacks and showcases solutions for accessing cybersecurity in industrial control environments. The smart manufacturing scenario presents a whitelist-based security solution to prevent the use of portable devices carrying malicious software that could compromise production lines. These efforts aim to apply real-world cybersecurity attack and defense scenarios to raise industry awareness, help companies optimize products and services, and enhance Taiwan’s cybersecurity capabilities.