Hackers known as the Winnti Group were behind ransomware attacks on Taiwan’s two largest fuel suppliers, the Ministry of Justice Investigation Bureau said on Friday, adding that similar attacks on 10 domestic companies are likely in the next few days.
On May 4, state-run CPC Corp, Taiwan announced that its computer system had been infected with ransomware, causing payment issues at gas stations.
Formosa Petrochemical Corp reported similar issues the following day, and shut down its computer systems.
Powertech Technology Inc, a Hsinchu-based semiconductor firm, also reported a ransomware attack on May 5.
The bureau said that the Winnti Group, which is believed to be from China, likely had access to the firms’ computer systems for months before it carried out the attacks.
Liu Chia-jung (劉家榮), deputy director of the bureau’s Information Security Workstation, said that the hackers gained access to the companies’ Active Directory — a service for managing computers and other devices within a network — and used its task scheduling function to distribute the ransomware throughout each company’s computer network.
When employees’ computers tried to access the network at the start of the work day, a message appeared stating that their files had been encrypted and demanding a ransom of US$3,000 to unlock them, Liu said.
The bureau has asked international authorities investigating six German and Swiss e-mail accounts believed to be connected to the crimes for help, Liu said.
It has also asked US authorities to investigate a US-based company from which the group rented a virtual private server.
The bureau said it had information that the hackers planned to carry out similar attacks on 10 other Taiwanese companies in the next few days, but added that it did not know which are being targeted.
The bureau said that it has advised companies on several steps they could take to improve their digital security.
CPC, which local media reported was suffering computer issues again on Thursday, released a statement on Friday blaming the issue on an operational error, and said that it had strengthened its information security procedures following the May 4 attack.
The Mainland Affairs Council (MAC) today condemned the Chinese Communist Party (CCP) after the Czech officials confirmed that Chinese agents had surveilled Vice President Hsiao Bi-khim (蕭美琴) during her visit to Prague in March last year. Czech Military Intelligence director Petr Bartovsky yesterday said that Chinese operatives had attempted to create the conditions to carry out a demonstrative incident involving Hsiao, going as far as to plan a collision with her car. Hsiao was vice president-elect at the time. The MAC said that it has requested an explanation and demanded a public apology from Beijing. The CCP has repeatedly ignored the desires
Many Chinese spouses required to submit proof of having renounced their Chinese household registration have either completed the process or provided affidavits ahead of the June 30 deadline, the Mainland Affairs Council (MAC) said on Thursday. Of the 12,146 people required to submit the proof, 5,534 had done so as of Wednesday, MAC deputy head and spokesperson Liang Wen-chieh (梁文傑) said. Another 2,572 people who met conditions for exemption or deferral from submitting proof of deregistration — such as those with serious illnesses or injuries — have submitted affidavits instead, he said. “As long as individuals are willing to cooperate with the legal
The Ma-anshan Nuclear Power Plant’s license has expired and it cannot simply be restarted, the Executive Yuan said today, ahead of national debates on the nuclear power referendum. The No. 2 reactor at the Ma-anshan Nuclear Power Plant in Pingtung County was disconnected from the nation’s power grid and completely shut down on May 17, the day its license expired. The government would prioritize people’s safety and conduct necessary evaluations and checks if there is a need to extend the service life of the reactor, Executive Yuan spokeswoman Michelle Lee (李慧芝) told a news conference. Lee said that the referendum would read: “Do
Taiwan's Vice President Hsiao Bi-khim (蕭美琴) said Saturday that she would not be intimidated by the Chinese Communist Party (CCP), following reports that Chinese agents planned to ram her car during a visit to the Czech Republic last year. "I had a great visit to Prague & thank the Czech authorities for their hospitality & ensuring my safety," Hsiao said on social media platform X. "The CCP's unlawful activities will NOT intimidate me from voicing Taiwan's interests in the international community," she wrote. Hsiao visited the Czech Republic on March 18 last year as vice president-elect and met with Czech Senate leadership, including