Hackers known as the Winnti Group were behind ransomware attacks on Taiwan’s two largest fuel suppliers, the Ministry of Justice Investigation Bureau said on Friday, adding that similar attacks on 10 domestic companies are likely in the next few days.
On May 4, state-run CPC Corp, Taiwan announced that its computer system had been infected with ransomware, causing payment issues at gas stations.
Formosa Petrochemical Corp reported similar issues the following day, and shut down its computer systems.
Powertech Technology Inc, a Hsinchu-based semiconductor firm, also reported a ransomware attack on May 5.
The bureau said that the Winnti Group, which is believed to be from China, likely had access to the firms’ computer systems for months before it carried out the attacks.
Liu Chia-jung (劉家榮), deputy director of the bureau’s Information Security Workstation, said that the hackers gained access to the companies’ Active Directory — a service for managing computers and other devices within a network — and used its task scheduling function to distribute the ransomware throughout each company’s computer network.
When employees’ computers tried to access the network at the start of the work day, a message appeared stating that their files had been encrypted and demanding a ransom of US$3,000 to unlock them, Liu said.
The bureau has asked international authorities investigating six German and Swiss e-mail accounts believed to be connected to the crimes for help, Liu said.
It has also asked US authorities to investigate a US-based company from which the group rented a virtual private server.
The bureau said it had information that the hackers planned to carry out similar attacks on 10 other Taiwanese companies in the next few days, but added that it did not know which are being targeted.
The bureau said that it has advised companies on several steps they could take to improve their digital security.
CPC, which local media reported was suffering computer issues again on Thursday, released a statement on Friday blaming the issue on an operational error, and said that it had strengthened its information security procedures following the May 4 attack.
INFRASTRUCTURE: Work on the second segment, from Kaohsiung to Pingtung, is expected to begin in 2028 and be completed by 2039, the railway bureau said Planned high-speed rail (HSR) extensions would blanket Taiwan proper in four 90-minute commute blocs to facilitate regional economic and livelihood integration, Railway Bureau Deputy Director-General Yang Cheng-chun (楊正君) said in an interview published yesterday. A project to extend the high-speed rail from Zuoying Station in Kaohsiung to Pingtung County’s Lioukuaicuo Township (六塊厝) is the first part of the bureau’s greater plan to expand rail coverage, he told the Liberty Times (sister paper of the Taipei Times). The bureau’s long-term plan is to build a loop to circle Taiwan proper that would consist of four sections running from Taipei to Hualien, Hualien to
The Civil Aviation Administration yesterday said that it is considering punishments for China Airlines (CAL) and Starlux Airlines for making hard landings and overworking their cabin crew when the nation was hit by Typhoon Kong-rey in October last year. The civil aviation authority launched an investigation after media reported that many airlines were forced to divert their flights to different airports or go around after failing to land when the typhoon affected the nation on Oct. 30 and 31 last year. The agency reviewed 503 flights dispatched by Taiwanese airlines during those two days, as well as weather data, flight hours
Three people have had their citizenship revoked after authorities confirmed that they hold Chinese ID cards, Mainland Affairs Council (MAC) Deputy Minister and spokesman Liang Wen-chieh (梁文傑) said yesterday. Two of the three people were featured in a recent video about Beijing’s “united front” tactics by YouTuber Pa Chiung (八炯) and Taiwanese rapper Chen Po-yuan (陳柏源), including Su Shi-en (蘇士恩), who displayed a Chinese ID card in the video, and taekwondo athlete Lee Tung-hsien (李東憲), who mentioned he had obtained a Chinese ID card in a telephone call with Chen, Liang told the council’s weekly news conference. Lee, who reportedly worked in
A relatively large earthquake may strike within the next two weeks, following a magnitude 5.2 temblor that shook Taitung County this morning, the Central Weather Administration (CWA) said. An earthquake struck at 8:18am today 10.2km west of Taitung County Hall in Taitung City at a relatively shallow depth of 6.5km, CWA data showed. The largest intensity of 4 was felt in Taitung and Pingtung counties, which received an alert notice, while areas north of Taichung did not feel any shaking, the CWA said. The earthquake was the result of the collision between the Philippine Plate and the Eurasian Plate, the agency said, adding
RSS