Chinese hackers have allegedly attacked Taiwanese targets, including local news organizations and the Democratic Progressive Party (DPP), in a bid to get information about policies and speeches ahead of next month’s presidential and legislative elections.
An attack on the unnamed media outlets came in the form of phishing e-mails with the subject line “DPP’s Contact Information Update,” according to research by security company FireEye, which identified a Chinese state-backed group called APT16 as carrying out the attacks.
Hackers also infiltrated e-mails of party staff, changing security protocols and writing messages spoofing the account holders in what might have been an attempt to deliver malicious code, according to one of the victims.
Opinion polls show the DPP is likely to win a legislative majority in the Jan. 16 elections, with DPP Chairperson Tsai Ing-wen (蔡英文) expected to secure the presidency after eight years of Chinese Nationalist Party (KMT) rule.
China is wary of the DPP’s views on Taiwanese independence and advocacy of more caution in its relationship with China.
As well as not wanting the DPP in power, China might want to understand the party better to be able to undermine it with access to non-public information, FireEye principal threat intelligence analyst Jordan Berry said by telephone.
“There’s a lot of people in China who want and need information for their own intelligence purposes,” Berry said.
The Chinese Ministry of Foreign Affairs did not reply to a faxed request for comment.
Another target appears to be former American Institute in Taiwan director William Stanton, who said he has received multiple warnings from Google that his Gmail account might be targeted by government hackers.
“If you were directed to this page from a warning displayed above your Gmail inbox, we believe that state-sponsored attackers may be attempting to compromise your account or computer,” the warning read, without identifying the nation. “It’s likely that you received e-mails containing malicious attachments, links to malicious software downloads, or links to fake Web sites that are designed to steal your passwords or other personal information.”
Stanton, who was the agency’s director from 2009 to 2012 in a position akin to ambassador, told Bloomberg News he believes he is being targeted because of his former role, as well as his current position as director of National Tsing Hua University’s Center for Asia Policy.
While the DPP has been under attack for months, the frequency of attacks has increased in the past few weeks, said DPP deputy director of international affairs Ketty Chen (陳婉宜), who was among as many as 50 DPP staff targeted by hackers. She said she was alerted when she noticed inconsistencies in the writing style of a colleague in internal correspondence.
“There were fake e-mails that looked like they came from her,” Chen said. “When I read it, the style was not how she would write, so I called to ask if she really sent them, and she said that she had not.”
Chen received e-mails purporting to come from Tsai’s speechwriter and another from a member of the DPP’s cross-strait policy team. In each case, the e-mail asked the recipient to open an attachment purporting to be a draft document.
Hackers typically send e-mails to targets hoping they open attachments loaded with malware that infiltrate their computers, providing links to colleagues’ computers and contacts.
Due to concerns over the security of their work accounts, some DPP staff switched to Gmail, Chen said. Chen’s Gmail account was compromised when hackers turned off the two-step identification verification process by deleting her mobile number and adding a forwarding address so that all incoming e-mails went to an external Gmail account.
The allegations come weeks after China’s state-run Xinhua news agency reported that an investigation into an alleged theft of data from the US Office of Personnel Management had shown the attack was carried out by criminals, rather than being state-sponsored as previously suspected by the US government.
DPP spokesman Wang Min-sheng (王閔生) said that, to prevent leaks of confidential information, the party must take data security measures, such as never transmitting classified information via the internet.
Additional reporting by Su Feng-ho
AIR DEFENSE: The Norwegian missile system has proved highly effective in Ukraine in its war against Russia, and the US has recommended it for Taiwan, an expert said The Norwegian Advanced Surface-to-Air Missile Systems (NASAMS) Taiwan ordered from the US would be installed in strategically important positions in Taipei and New Taipei City to guard the region, the Ministry of National Defense said in statement yesterday. The air defense system would be deployed in Taipei’s Songshan District (松山) and New Taipei City’s Tamsui District (淡水), the ministry said, adding that the systems could be delivered as soon as the end of this year. The US Defense Security Cooperation Agency has previously said that three NASAMS would be sold to Taiwan. The weapons are part of the 17th US arms sale to
SERIOUS ALLEGATIONS: The suspects formed spy networks and paramilitary groups to kill government officials during a possible Chinese invasion, prosecutors said Prosecutors have indicted seven retired military officers, members of the Rehabilitation Alliance Party, for allegedly obtaining funds from China, and forming paramilitary groups and assassination squads in Taiwan to collaborate with Chinese troops in a possible war. The suspects contravened the National Security Act (國家安全法) by taking photos and drawing maps of key radar stations, missile installations and the American Institute in Taiwan’s headquarters in Taipei, prosecutors said. They allegedly prepared to collaborate with China during a possible invasion of Taiwan, prosecutors said. Retired military officer Chu Hung-i (屈宏義), 62, a Republic of China Army Academy graduate, went to China
INSURRECTION: The NSB said it found evidence the CCP was seeking snipers in Taiwan to target members of the military and foreign organizations in the event of an invasion The number of Chinese spies prosecuted in Taiwan has grown threefold over a four-year period, the National Security Bureau (NSB) said in a report released yesterday. In 2021 and 2022, 16 and 10 spies were prosecuted respectively, but that number grew to 64 last year, it said, adding that the Chinese Communist Party (CCP) was working with gangs in Taiwan to develop a network of armed spies. Spies in Taiwan have on behalf of the CCP used a variety of channels and methods to infiltrate all sectors of the country, and recruited Taiwanese to cooperate in developing organizations and obtaining sensitive information
BREAKTHROUGH: The US is making chips on par in yield and quality with Taiwan, despite people saying that it could not happen, the official said Taiwan Semiconductor Manufacturing Co (TSMC, 台積電) has begun producing advanced 4-nanometer (nm) chips for US customers in Arizona, US Secretary of Commerce Gina Raimondo said, a milestone in the semiconductor efforts of the administration of US President Joe Biden. In November last year, the commerce department finalized a US$6.6 billion grant to TSMC’s US unit for semiconductor production in Phoenix, Arizona. “For the first time ever in our country’s history, we are making leading edge 4-nanometer chips on American soil, American workers — on par in yield and quality with Taiwan,” Raimondo said, adding that production had begun in recent
RSS