A suspected Chinese state-sponsored hacking group has stepped up its targeting of Taiwanese organizations, particularly those in government, education, technology and diplomacy sectors, a report by cybersecurity intelligence company Recorded Future said.
The cyberattacks by the group known as RedJuliett were observed between November last year and April, during the lead-up to the presidential and legislative elections in January and the subsequent change in administration.
RedJuliett has targeted Taiwanese organizations in the past, but this is the first time that activity was seen at such a scale, a Recorded Future analyst said, speaking on condition of anonymity out of safety concerns.
Photo: Reuters
The report said that RedJuliett attacked 24 organizations, including government agencies in places like Laos, Kenya and Rwanda, as well as Taiwan.
It also hacked into Web sites of religious organizations in Hong Kong and South Korea, a US university and a Djiboutian university. The report did not identify the organizations.
Recorded Future said RedJuliett accessed the servers of those places through a vulnerability in their SoftEther enterprise virtual private network (VPN) software, an open-source VPN that allows remote connections to an organization’s networks.
RedJuliett has been observed attempting to break into systems of more than 70 Taiwanese organizations including three universities, an optoelectronics company and a facial recognition company that has contracts with the government.
It was unclear if RedJuliett managed to break into those organizations: Recorded Future only said it observed the attempts to identify vulnerabilities in their networks.
RedJuliett’s hacking patterns match those of Chinese state-sponsored groups, Recorded Future said.
Based on the geolocations of Internet protocol addresses, RedJuliett is likely based out of Fuzhou, in China’s Fujian Province, the coast of which faces Taiwan, it said.
“Given the close geographical proximity between Fuzhou and Taiwan, Chinese intelligence services operating in Fuzhou are likely tasked with intelligence collection against Taiwanese targets,” the Recorded Future report said.
“RedJuliett is likely targeting Taiwan to collect intelligence and support Beijing’s policymaking on cross-strait relations,” it said.
The Ministry of Foreign Affairs and the Chinese Ministry of Foreign Affairs did not immediately comment.
Microsoft in August last year reported that RedJuliett, which the US company tracks under the name Flax Typhoon, was targeting Taiwanese organizations.
China has in the past few years stepped up military drills around Taiwan and imposed economic and diplomatic pressure on the nation.
Relations between Taipei and Beijing worsened after the election of William Lai (賴清德), who China has deemed a “separatist,” after he said in his inauguration speech that Taiwan and China were not subordinate to each other.
Like his predecessor Tsai Ing-wen (蔡英文), Lai has said that there is no need to declare Taiwanese independence because it is already an independent sovereign state.
Like many other countries including the US, China has been known to engage in cyberespionage. Earlier this year, the US and the UK accused China of a sweeping cyberespionage campaign that allegedly affected millions of people.
Beijing has consistently denied engaging in any form of state-sponsored hacking, instead saying that China itself is a major target of cyberattacks.
According to Recorded Future, Chinese state-sponsored groups will likely continue to target Taiwanese government agencies, universities and critical technology companies via “public-facing” devices such as open-source VPN software, which provide limited visibility and logging capabilities.
Companies and organizations can best protect themselves by prioritizing and patching vulnerabilities once they become known, Recorded Future’s threat intelligence analyst said.
SEND A MESSAGE: Sinking the amphibious assault ship, the lead warship of its class, is meant to show China the US Navy is capable of sinking their ships, an analyst said The US and allied navies plan to sink a 40,000-tonne ship at the latest Rim of the Pacific (RIMPAC) exercise to simulate defeating a Chinese amphibious assault on Taiwan. This year’s RIMPAC — the 29th iteration of the world’s largest naval exercise — involves the US, 28 partners, more than 25,000 personnel, 40 warships, three submarines and more than 150 aircraft operating in and around Hawaii from yesterday to Aug. 1, the US Navy said in a press release. The major components of the event include multidomain warfare exercises in multiship surface engagements, anti-submarine warfare and multi-axis defense of a carrier strike
Passengers aboard Korean Airlines Flight KE189 arrived in Taichung safely yesterday after a scare the previous day encountering uncontrolled decompression, which injured 13 passengers. Flight KE189 departed from Incheon at 4:45pm on Saturday bound for Taichung with 125 passengers on board. The flight was above Jeju Island when a fault in the pressurization system occurred 50 minutes after takeoff. Online flight tracker Flightradar24’s data show that the plane dropped more than 8,000 meters within 15 minutes, before it returned and landed back at Incheon Airport at 19:38pm. Thirteen passengers on board had a headache or earache due to the incident and were hospitalized. A different
China might seek to isolate Taiwan and weaken its economy through a “quarantine,” which would make it difficult for the US to respond and force Taipei to negotiate on unification, CNN reported on Saturday. Chinese President Xi Jinping’s (習近平) “increasingly bellicose actions” toward Taiwan have heightened concerns that Beijing would use its military against Taiwan, it said, citing a report by think tank the Center for Strategic and International Studies (CSIS). However, China might choose to initiate a quarantine, rather than a military invasion of Taiwan, to avoid US involvement, it said. “A quarantine [is] a law enforcement-led operation to control
A new message broadcast on the Taipei MRT’s Wenhu (Brown) Line urging passengers to yield their seats to those in need, not necessarily elderly people, would be extended to other MRT lines and public transportation in the capital, Taipei Mayor Chiang Wan-an (蔣萬安) said yesterday. Chiang was responding to reporters’ questions on the sidelines of a news conference at Taipei City Hall promoting healthy walking. Several disputes over priority seats on public transportation have recently been reported, sparking debate about who qualifies to sit in them, as most of the cases involved elderly people asking young people to give up their