The Executive Yuan has approved a list of “critical infrastructure” that is part of bolstering the nation’s information security, sources said yesterday.

The critical industries and facilities include the transportation industry, broadcasting networks, the banking and financial sector, hospitals and science parks nationwide, sources added.

All establishments and facilities designated as “critical infrastructure service providers” must submit an information safety plan, and if it is deemed inadequate, they must provide a detailed report to the authorities on how they would eliminate shortcomings and shore up their information technology safety, the sources said.

Government agencies have stepped up their information security measures, so they do not need to submit another plan, they added.

While President Tsai Ing-wen’s administration has often stressed that it equates information security to national security, the nation has seen a number of attacks over the years, including a hack into First Commercial Bank’s ATMs in 2016, a ransomware attack on CPC Corp, Taiwan’s systems on May 4 and the leaking of files from the Presidential Office on May 15.

While sources from the Executive Yuan yesterday said that they could not name which establishments or facilities are considered “critical infrastructure,” critical infrastructure service providers would purportedly include the Taiwan High Speed Rail (THSR); the Taiwan Railways Administration (TRA); the Hsinchu, Taichung and Tainan science parks; Chunghwa Telecom; National Taiwan University Hospital; and Mega Financial Holding.

The THSR and TRA are major transportation providers, and Chunghwa Telecom is the largest and most important network service provider, while a cyberattack against the science parks could affect the nation’s supply chains.