EXPERT INTERVIEW — While much of the world’s attention in recent weeks has been on Europe, and the U.S. tilt to Russia in its pursuit for an end to the war in Ukraine, tensions remain high in a hotspot on the other side of the globe: Taiwan.
Officials in China and Taiwan are tracking the situation in Ukraine with a focus on how the Trump administration’s approach there might signal a U.S. response in the event of a conflict with China. But in many ways, the self-governing island, which is claimed by Beijing, is feeling the heat right now. Taiwan’s defense ministry said Wednesday that China’s People’s Liberation Army had begun unannounced life-fire naval drills off Taiwan’s southwestern coast. The ministry said the “shooting drills” – just 40 nautical miles from the Taiwanese municipality of Kaohsiung – endanger commercial aviation and shipping, and “present an open provocation to regional security and stability.”
The threats from the mainland reach beyond the military dimension. Taiwan has long faced what it says are Chinese state-sponsored attacks in cyberspace. Taiwan’s National Security Bureau reported in January that cyberattacks against Taiwanese government departments in 2024 more than doubled from the previous year, reaching an average of 2.4 million attacks a day. Most of these attacks were attributed to Chinese cyber forces. Taiwanese telecommunications, transportation and defense networks were also targeted.
Taiwan has also reported recent damage to undersea communications and internet cables which link Taiwan with outlying islands and nearby countries. In the latest incident, Taiwan’s coast guard detained a cargo ship and eight Chinese crew members after a cable was reported damaged shortly after the vessel dropped anchor in the area.
The Cipher Brief turned to retired Rear Admiral Mark Montgomery, former Executive Director of the Cyberspace Solarium Commission, to discuss the wide-ranging threats posed by China to Taiwan. Montgomery spoke with The Cipher Brief from Taiwan, where he attended the first-ever Halifax International Security Forum in Taipei.
Montgomery stressed the importance of preparing responses and defenses to China’s cyberattacks — well ahead of time. “There's all these things they can do that make it so that when the cyberattack happens, it has less impact,” he said. “But those are things you got to do and you got to practice.” He added that many of the lessons for Taiwan are applicable to the U.S., which faces similar cyber and gray-zone threats from China and others.
RADM Montgomery spoke with Cipher Brief CEO Suzanne Kelly. Their conversation has been edited for length and clarity. You can also watch the full discussion on The Cipher Brief’s YouTube channel.
Kelly: You've been meeting with senior leaders in Taiwan since you arrived. What's top of mind for them right now?
RADM Montgomery: For sure, it's been President Trump's comments on Ukraine and this kind of treatment of the negotiation process.
As you may know, Taiwan’s government has repeatedly said that continued success in Ukraine is good for Taiwan. They understand basic deterrence, that if you want to deter one bully, standing up to the other bully in the neighborhood, particularly when they're all aligned in an “Axis of Authoritarians,” is important. And backing down to that bully or appeasing that bully — Taiwan thinks that will embolden China to do things to them. So there's a lot of nerves here about how to handle that.
Then there's broader nerves on how to handle President Trump and his approach to Taiwan and China.
Kelly: Why is Taiwan so important to the U.S.?
RADM Montgomery: There's a few reasons. The original reason: back in 1979, there was an agreement after we had switched allegiances in terms of who was at the UN, who would be “China” as we saw it. After [Secretary of State Henry] Kissinger did that, the Congress did respond eventually with the Taiwan Relations Act, which defined and said the United States is going to make sure Taiwan is not compelled to be absorbed into China. And then it said that to do that, we'll support Taiwan by selling weapons, and the United States will have plans for how they would support you if necessary. And that made perfect sense. If you go back to when I was a young kid, we had 10,000 troops in Taiwan. We had troops in Taiwan all the way up to about 1979, and the numbers were in the thousands through the end of the Vietnam War. This was a long-standing ally.
So, the first reason Taiwan matters is our values. We said to them, we will protect you against being compelled or coerced back into mainland China without an agreement by you.
Since then, Taiwan has evolved. As they shed their military martial law in 1987 and democracy came to Taiwan, capitalism came with it and they flourished. And eventually they invested in TSMC, Taiwan Semiconductor Manufacturing Corporation. Morris [Chang] set the company up here in Taiwan and it has been highly successful. Fast forward, they're now a critical element of the global economy. It's not just that their GDP is [strong] — it's that they facilitate the GDP of the United States, and of China to some degree, and other countries around the world with the work of not just TSMC, but UMC (United Microelectronics Corporation) and other semiconductor manufacturing equipment companies here. They certainly are the drivers in logic chips and the later-generation logic chips of the 3-5-7 nanometer.
Kelly: And these are the chips and the semiconductors that are basically used in almost everything that we consume today, whether it's cars or phones.
RADM Montgomery: They're used in almost everything. Your phone, your kids’ Xbox. The computer next to your feet in your F-150 truck or in your car is full of TSMC chips. And then of course, in the end, they do a lot of the Nvidia chips that drive the AI and data-center computational power that we see.
The intersection of technology, defense, space and intelligence is critical to future U.S. national security. Join The Cipher Brief on June 5th and 6th in Austin, Texas for the NatSecEDGE conference. Find out how to get an invitation to this invite-only event at natsecedge.com
Kelly: One of the things in Ukraine that was very concerning early on was that Russia had used Ukraine as almost a test bed for cyberattacks. When we look now at Taiwan, according to the National Security Bureau of Taiwan, attacks that were sponsored by the Chinese government have doubled in 2024 to more than 2.4 million a day against government entities in Taiwan. Give us a sense of how they're coping with this and how they're planning for their own defense if there is more of an aggressive action in terms of bringing Taiwan back into China.
RADM Montgomery: I want to separate two things because you brought up a great point. What's the threat from China? I'm not sure it's those distributed denial-of-service or pinging attacks that are just kind of checking out, mapping surfaces. I'm much more worried about their successful penetrations of networks and their installation of malware to come back at a later date and conduct destructive or disruptive behavior. In the United States, we called that operation Volt Typhoon, after the advanced persistent threat team from China that did it.
I'll just say that if China is screwing with our critical infrastructure to X degree, they're screwing with the Japanese critical infrastructure to 2X and the Taiwan infrastructure to 5X. Almost as worrisome as the big numbers you mentioned for those broader attacks are the specific directed attacks against their infrastructure. It is pervasive, comprehensive, and persistent. The Chinese are really in there, they're working it hard.
The Taiwanese struggle with this. They're like us, they're a democracy. A lot of their critical infrastructure is run by private industry, and in their private industry, there's one power company, not the seven or eight big ones that are in the United States, and one big telecom company. So it's a little different, but it's still the private sector and they still have a lot of work to do to get together to secure all these networks that we've been talking about. So the short answer is: it's a big deal that Taiwan is getting attacked like this, and they're really not ready for it, and I think it's going to pressurize the situation during a crisis.
Kelly: What are the solutions here? Who needs to step up and help — the U.S. government?
RADM Montgomery: I think it's a couple of things. We do tabletop exercises where we look at cyber-enabled economic warfare. That's the mixing of financial attacks that could be cyber-based but are often just like removal of access, tough love from Chinese banks to Taiwanese companies operating their company or blocking of remittances. In addition, there's energy attacks. They could be cyber or they could be a missile closure area around where LNG (liquefied natural gas) is delivered. And then finally, communications attacks. They could be cyber. They could be anchors being dropped on cables.
We looked at all of those and studied them, and it was tough. When done right, China was able to crank up the pressure just beneath where the U.S. would come and respond, or the Japanese or the Australians, responding after us. So Taiwan was alone under severe pressure. [China] just kept it for two, three, four months and eventually it breaks the resilience.
The good news is, you do this tabletop and you start to say, well, what are actions we could have taken? What if we had this capability, that capability? You start to identify them and then you say, these are 10 or 15 things we can do two to three years before an event to be better prepared. Here's five or six things we can do at the initiation of an event to be more resilient and recoverable. And then here's the five or six things we can do in recovery, but it's good to have practiced them so we're more efficient and effective. So now you have a list of 15 to 20 things that need to be done.
I'll give you one example: if they do a virtual closure area or some kind of cyberattack that takes out LNG, and [the U.S.] has to bring in LNG shipping, and [China is] running this virtual quarantine around Taiwan, we may need to reflag the ships and escort them in, like we did with Kuwait during the tanker wars. We've got to study, where's the LNG coming from? Are there countries that are favorable to do this kind of reflagging? It's mostly Australia, the U.S., but also Qatar. Are they getting the LNG from the right countries? Can they align themselves to more countries guaranteed to be friendly?
There's all these things Taiwan can do that make it so that when the cyberattack happens, it has less impact. But those are things you’ve got to do and you got to practice. Let me just tell you what the lawyer gaggle will be like if you try to put this together for the first time in the middle of the crisis: there's going to be 100 reasons you hear “no.” Well, I'd like to hear them all ahead of time during a practice event, three months or six months or nine months ahead of time, work my way through all the “no”s, and then be ready to do that kind of exercise or operation when a real crisis happens.
The Cipher Brief Honors Dinner is on April 18th in Washington D.C. Apply now for your seat at the most glamorous spy dinner of the year. Find out more about this invite-only event at cipherbriefhonors.com
Kelly: You wrote a piece not long ago in The Cipher Brief about Volt Typhoon and the suspected targeting of critical infrastructure in Guam. Kind of a big deal, because Guam is really essential to U.S. Navy operations in the Pacific. Talk to us a little bit more about why that's such a top issue for you as well.
RADM Montgomery: Guam is a critical node for Indo-Pacom's warfighting capability, both naval and air, which is pretty important in an air maritime campaign. All the services are there. The Navy's got submarines there, critical submarines that have to be able to get underway, get out and carry out the fight, come back in, reload, go back out. The Air Force operates a magnificently large airfield at Anderson. The Army guards it with THAAD, which is a Theater Air Defense System. And then the Marines are moving into Guam, because years ago we made a deal to trim the size of our Marine Corps in Okinawa and move them to Guam, slightly out of the missile range of Japan. The missile range is caught up and Guam's in it as well.
Guam has to be defended. It’s not surprising to people like me who write war plans, that an area where the Chinese had really worked on our critical infrastructure was Guam. It was in the communications networks and other networks, and clearly their goal was to bring the critical assets within Guam's critical infrastructure to their knees during a crisis by having disruptive or destructive events occur, during a crisis or casualty. Hitting these forward-deployed forces is a big deal. I talk a lot about military mobility and the stuff back in CONUS (continental United States) being able to come out. Well, it's even a bigger deal if you can't receive it and your forces that are out there are kind of trapped or limited because the Guam infrastructure doesn't work.
I would say this applies to both Japan, maybe the Philippines and Taiwan and Australia. The countries that we have to fight with and through have to have critical infrastructure at the same high quality as ours because we want our forces to be able to seamlessly fight with and through those countries' infrastructures.
Read more expert-driven national security insights, perspective and analysis in The Cipher Brief
