-
You do really record everything. [laughs]
-
I really do. I really do. If you don’t want to be recorded on video, then the camera can just take me. That’s fine.
-
Yeah, that’s fine. I mean if it’s for internal use, that’s fine, internal with the text transcript.
-
Great, I guess I will just jump right in.
-
Of course.
-
You talked a lot about digital resilience. I was wondering if you could describe for me and explain what that looks like for Taiwan.
-
Sure. Resilience refers to the ability to recover quickly from adversity, but much more importantly to reinvent mechanisms so that the next time, we can withstand much more. So learn from attacks. That’s resilience.
-
For example, all this right before MODA, our ministry, was founded, there was the highest denial of service attack ever, 23 times compared to the previous peak in a single day following Speaker Nancy Pelosi’s visit. It successfully disrupted access to the Ministry of National Defense or Foreign Affairs or the presidential office website and so on.
-
We learned a lot because prior to that, we didn’t think that a simple DDoS, which is very resource-hungry for the attackers, would sustain for so long. Evidently, they saw that this denial of service can amplify the disinformation attacks that happened in, for example, the advertisement billboard outside of town, railway station and so on.
-
When the people are panicking, they check the official sources, but if the website is not there, well, it amplifies the disinformation. We learned from that by, for example, our ministry’s website was already online the same hour as the drill from the PLA started. We used not just content distribution network, but also Web 3.0 technology such as IPFS.
-
We never went down for even a second. This technology we shared with other ministries. The first official document that I signed electronically as a minister is to get the Cybersecurity Act to cover those public-facing billboards.
-
Can you explain in these events, how does MOFA activate? What happens when something like this happens? Because you’ve said before that there are cyberattacks almost every day from Taiwan. What happens?
-
How do you respond?
-
A couple of things. I cannot speak for MOFA. I can speak for MODA. The MODA basically has two arms. One is the Administration for Cyber Security, which protects the government and critical infrastructure.
-
We also have the National Institute of Cyber Security, or NICS, I’m also the chair, which protects much more including the private sector and the venues that are not covered yet by the Act of the Cyber Security Management.
-
For example, when there’s an incident reported by cyber security researchers, for example, iRent and many other private sector that’s not part of the Cyber Security Management Act, the NICS is activated by receiving these reports from say, TWCC and other CERT emergency response teams.
-
The NICS will work with the competent authority, for example, the Ministry of Transportation and Communication, which is in charge of having an inspection to the iRent situation.
-
Although it’s not covered by the Cyber Security Management Act, it is covered by the Personal Data Protection Act, the PDPA. The Minister of Transportation and Communication acting by the PDPA can work with NICS, and the NICS professionals can just go with the MOTC to iRent to do the necessary inspections. It’s essentially, two branches.
-
Can you update me on this plan of talks about, I think it was last year, about satellites sure to build a network for Taiwan in the event of natural disasters, possibly war, and as you said before, manmade disaster?
-
We already have the non-geostationary satellite receivers, even mounted on a mobile vehicle already tested initially in Hsinchu under TTC, the Telecom Tech Center, which we want to rename to Trust Tech Center.
-
Anyway, the Telecom Center who are already having this kind of capacity, in addition to testing it in Hsinchu, we’re now planning to test it in even more remote places such as Matsu. That is within our plans.
-
The plan is to take those initial proof of concept tests, which is just a few places, and scale it over the next couple of years to 700 or more spots in Taiwan against some fixed, some mobile.
-
We’ll also plan to set up three or more points outside of Taiwan so that we can test this kind of international communication including video conferences and so on, based solely on the non-geostationary satellite networks.
-
Where would those satellites go outside of Taiwan?
-
You mean the receivers?
-
Yeah. When you say setting up a couple outside of Taiwan, where are you thinking?
-
We’re thinking of places that will have a lot of attention. If something that’s disastrous happened to Taiwan, the international correspondents, including you actually…
-
(laughter)
-
…who can then tap into this satellite network. Where the journalists’ headquarters are, where are the democratic societies that it’s most likely to pay close attention to what’s happening to Taiwan, and so on. These are the places that we set priority.
-
For these 700 or so satellites you’re thinking, where will you get them, or will Taiwan get these from?
-
Satellite receivers. It’s not satellites. Again, as I mentioned, we already partner with SCS Global. In addition to SCS Global, there are many non-geostationary providers, both in MEO and LEO now.
-
Sorry, in MEO and LEO?
-
Mid Earth orbit and low Earth orbit.
-
I see.
-
The mid Earth orbit requires less amount of satellites, provides a pretty high bandwidth. The problem is mostly data latency is slightly higher than low Earth orbit. The low Earth orbit requests a lot more satellites, but the latency is lower. Meaning that, when we do video conference, there’s less of a time lapse between what I say and what you hear.
-
We’re going to test a combination of both. It’s not that we’re putting all our eggs in one basket, so to speak, but we want to enable a plurality of heterogeneous combination of satellite access providers.
-
Are there potential partners you’ve considered or identify now in the UK or Europe that could help create this vision that you have?
-
Yeah. As I mentioned, there’s the proof of concepts that’s already setting up that the more the merrier. There’s also the commercial operation to enable, for example, very remote places, like aerial or marine vehicles, and so on. That may also make business sense. That’s two different things.
-
There are already two Taiwanese companies that partnered with the global providers that have issued the license seeking application, two, the commercial application. For the POC, it’s not limited by the commercial operators. We can work with even research operators and so on. While I cannot name names, this is evidently more than just these two providers.
-
I’m not an expert on this kind of technical terms, can you explain to me what Taiwan is able to do today and what it would need to get to this big, big network that you’re talking about?
-
As of today, what we can do is that, for example, in the Hsinchu Fire Service experiments, to mount a satellite receiver connecting to the mid Earth orbit with pretty high bandwidth for high quality video link.
-
So that this vehicle can drive to the places that loses its Internet connection due to natural or unnatural disasters, and then provide an alternate service link for the firefighters for the people who need to report, and so on. That’s already our capacity. Our next step is to make sure that these kinds of service moves beyond one single county or one single town.
-
So that each and every county and city in Taiwan have at least one that they can use, first just to get acquainted to this equipment, but also to run drills so that they know that even if, for example, all of our submarine cables around Taiwan are cut in some very large earthquake, then we can run the drills to ensure that our video communications and so on still work in such a drill.
-
That capacity is what we’re building toward so instead of just one or two or three places, it’s all counties and townships.
-
How long do you think it will take for Taiwan to do this?
-
As of this year, what we’re doing is we’re testing the configuration for various providers to ensure that we can pair the actual requirements, the actual demand with the supply of those Matsu stations and satellite providers.
-
One single mounted vehicle with a local 5G network, and so on, can have two or more satellite receivers mounted on it. Depending on the traffic that’s needed, it can choose which satellite system to use according to its need. We’re testing this system this year.
-
Next year, our work is to reconfigure based on the results we get from our technical tests and drills, and so on, to add even more satellite providers into the mix. Also, most importantly, to convert some of these mobile places where it can receive those satellites into even more mobile stations that are even more lighter weight.
-
Instead of having to mount it on a very large car, maybe much smaller. I’ve also heard of backpack configurations, which will be even more useful.
-
This means that you still are reliant on satellite providers to provide this service.
-
Yes.
-
Is there a way to close the gap on that? We’ve seen, for instance, Kyiv at Ukraine, Starlink, there are different ideas about how certain companies want their products to be used, things like that. How do you deal with that when it comes to different providers?
-
As I mentioned, just like when we use the public cloud providers including Amazon, Google, Microsoft, and such, for not just cloud computation but also off-site backups, and so on, we ensure that an adversary has to take down or infiltrate all three providers before they can successfully disrupt our service. This is resilience in plurality of service providers.
-
The same goes for satellites. If we have multiple vendors that work simultaneously in both mid Earth and low Earth orbit, that, in addition to the geosynchronous capabilities we already have ourselves, provided a much stronger currency. That adversary has to take all of them down to deny us communication.
-
Diversification, basically?
-
Yes.
-
I went to Matsu recently. It was very interesting, without such a [laughs] great signal. The signal is better now than it was before when the two cables were first cut, but it’s still…
-
The microwave is better now.
-
It still comes and goes. It’s hard to load web pages, things like that. In an ideal world, if something like that were to happen, if you had everything in place — you’ve got your vision, everything’s set up — what would happen if cables got cut? What kind of process?
-
Then, people won’t feel a thing. Ideally, around the end of this year, when the NCC and the CHT working with us expands the microwave capabilities so that it matches the actual usage — as I mentioned, the supply need to match the demand of the people in Matsu — then, even if all the submarine cables are cut, people will not feel any significant impact.
-
Of course, microwave is the second line of backup. The first line is an additional subsea cable, the fourth subsea cable between Taiwan and Matsu, which will be also funded.
-
In addition to the new cable and the microwave, what we want to say is that if we have the satellite capabilities for emergency and for coordination, video conference, responding, and so on.
-
While, of course, satellites cannot cover all the needs of commercial use and entertainment use, and so on, at least, people will feel a peace of mind that the emergency response network still functions well. The satellites are the third line of backups.
-
It’s interesting you mentioned this peace of mind issue. I was wondering about you stand for transparency. You want the citizens of Taiwan to know what your government ministry is doing.
-
How do you balance this between the transparency aspect to let people here know what you’re doing versus possibly giving more or too much information? That bad actors who want to use it again against you or find your vulnerability can take that, and use it to their advantage. You can use the satellite, the situation with Matsu, as an example.
-
If you had the capability to make sure that if all the cables were cut, Taiwan could still stay connected, doesn’t that give people the advantage then to figure out how they can, frankly, mess with you? How do you balance that, the transparency versus possibly revealing too much?
-
Sure. Transparency itself is not the goal. The goal is democracy. To make sure that there’s an informed citizenry that has the full context of the why and how of policymaking, not just the what of policies made. This is very important.
-
Nowadays, it’s very easy for generative AI [laughs] to make up whatever hallucinating articles, essays with very convincing style. Without a pipeline, I would say, a mechanism to ensure balanced reports, fact checking, proper framing of things, checking the sources, which is called journalism [laughs] in total. Without journalism, democracy wouldn’t function.
-
A lot of our work in MODA is to enable not just professional journalists to co-prosper with the large platforms, but also for civic journalism to thrive. For civic journalism to thrive, it is essential for us to provide the full context for policymaking, so that people who want to learn about how this policy is made can tap into those records.
-
Now, of course, the actual configurations — like the exact IP addresses [laughs] of the satellite configurations, exactly the protocol used, and so on — strictly speaking, that is not within the policymaking context. It is more like parameters, technical parameters.
-
When I say radical transparency, I mean mostly what I see and what I hear and what I think every day. I don’t mean that all the technical details need to be revealed to adversaries. There is a real difference if you optimize for transparency for democracy rather than for transparency for transparency’s sake. It is also why we’re not livestreaming this.
-
I understand what you’re saying about the technical details. Even if knowing that Taiwan…Let’s say, the bad actors.
-
Even knowing that Taiwan has the ability to make sure that it won’t get totally cut off because it has these second, third, fourth backup plans, or whatnot, even knowing that, doesn’t that give them a chance then to find a way to take it down even if you do diversify? This is quite a hypothetical question, but how do you stop…?
-
It’s hard to keep microwave receivers or satellite receivers a secret, though. First of all, it may not be feasible to keep these plans a secret. Moreover, a lot of the ideas in server security design is to assume that the other person already knows your system.
-
If you design your system well and you only need to keep secret your passphrase or nowadays, beyond passphrase, your FIDO biometric authentication and so on. You just keep secret a very small piece of information. It’s easier to guard that.
-
If you design your defense, assuming that you need to keep your adversary from knowing how your system plant works, then you have to defend a lot of information, which is much harder to defend.
-
We adopt this idea called “zero trust.” Part and parcel of zero trust is this idea of assuming breach, meaning that the adversary probably already knows how your system works, and you have to design your defense based on that assumption.
-
That’s interesting. Makes sense. Assume that what you’ve got, they might already know.
-
Yeah.
-
It’s perhaps maybe the best [laughs] way to prepare.
-
Otherwise, we’re lulling ourselves into a false sense of security, and nothing could be worse than that.
-
Is there truly a hundred percent security in what you do?