Hackers known as the Winnti Group were behind ransomware attacks on Taiwan’s two largest fuel suppliers, the Ministry of Justice Investigation Bureau said on Friday, adding that similar attacks on 10 domestic companies are likely in the next few days.
On May 4, state-run CPC Corp, Taiwan announced that its computer system had been infected with ransomware, causing payment issues at gas stations.
Formosa Petrochemical Corp reported similar issues the following day, and shut down its computer systems.
Powertech Technology Inc, a Hsinchu-based semiconductor firm, also reported a ransomware attack on May 5.
The bureau said that the Winnti Group, which is believed to be from China, likely had access to the firms’ computer systems for months before it carried out the attacks.
Liu Chia-jung (劉家榮), deputy director of the bureau’s Information Security Workstation, said that the hackers gained access to the companies’ Active Directory — a service for managing computers and other devices within a network — and used its task scheduling function to distribute the ransomware throughout each company’s computer network.
When employees’ computers tried to access the network at the start of the work day, a message appeared stating that their files had been encrypted and demanding a ransom of US$3,000 to unlock them, Liu said.
The bureau has asked international authorities investigating six German and Swiss e-mail accounts believed to be connected to the crimes for help, Liu said.
It has also asked US authorities to investigate a US-based company from which the group rented a virtual private server.
The bureau said it had information that the hackers planned to carry out similar attacks on 10 other Taiwanese companies in the next few days, but added that it did not know which are being targeted.
The bureau said that it has advised companies on several steps they could take to improve their digital security.
CPC, which local media reported was suffering computer issues again on Thursday, released a statement on Friday blaming the issue on an operational error, and said that it had strengthened its information security procedures following the May 4 attack.
SEND A MESSAGE: Sinking the amphibious assault ship, the lead warship of its class, is meant to show China the US Navy is capable of sinking their ships, an analyst said The US and allied navies plan to sink a 40,000-tonne ship at the latest Rim of the Pacific (RIMPAC) exercise to simulate defeating a Chinese amphibious assault on Taiwan. This year’s RIMPAC — the 29th iteration of the world’s largest naval exercise — involves the US, 28 partners, more than 25,000 personnel, 40 warships, three submarines and more than 150 aircraft operating in and around Hawaii from yesterday to Aug. 1, the US Navy said in a press release. The major components of the event include multidomain warfare exercises in multiship surface engagements, anti-submarine warfare and multi-axis defense of a carrier strike
Taiwanese could risk being extradited to China when traveling in countries with close ties to Beijing, Taiwan Association of University Professors deputy chairman Chen Li-fu (陳俐甫) said on Friday. Chen’s comments came after China on Friday last week announced new judicial guidelines targeting Taiwanese independence advocates. Myanmar, Cambodia, Laos and Djibouti are among the countries where Taiwanese could risk being extradited to China, he said. The Mainland Affairs Council (MAC) on Thursday elevated the travel alert for China, Hong Kong and Macau to “orange” after Beijing announced its guidelines to “severely punish Taiwanese independence diehards for splitting the country and inciting secession.” Extradition treaties
The airspace around Taiwan Taoyuan International Airport and Taipei International Airport (Songshan airport) is to be closed for an hour on July 25 and July 23 respectively, due to the Han Kuang military exercises, the Ministry of National Defense said yesterday. The annual exercise is to be held on Taiwan proper and its outlying islands from July 22 to 26. During last year’s exercise, the military conducted anti-aircraft landing drills at the Taoyuan airport for the first time, for which a one-hour no-fly ban was issued. Based on a live-fire bulletin sent out by the Maritime and Port Bureau, the nation’s
Taiwan and Thailand have signed an agreement to promote and protect bilateral investment and trade, the Executive Yuan’s Office of Trade Negotiations (OTN) said on Friday. The agreement on “Promotion and Protection of Investments” was signed by Representative to Thailand Chang Chun-fu (張俊福) and Thailand Trade and Economic Office in Taipei executive director Narong Boonsatheanwong on Thursday, the OTN said in a news release. Thailand has become the fifth trading partner to sign an investment agreement with Taiwan since 2016, following earlier agreements with the Philippines, India, Vietnam and Canada, the OTN said. The deal marks a significant milestone in the development of