A suspected Chinese state-sponsored hacking group has stepped up its targeting of Taiwanese organizations, particularly those in government, education, technology and diplomacy sectors, a report by cybersecurity intelligence company Recorded Future said.
The cyberattacks by the group known as RedJuliett were observed between November last year and April, during the lead-up to the presidential and legislative elections in January and the subsequent change in administration.
RedJuliett has targeted Taiwanese organizations in the past, but this is the first time that activity was seen at such a scale, a Recorded Future analyst said, speaking on condition of anonymity out of safety concerns.
Photo: Reuters
The report said that RedJuliett attacked 24 organizations, including government agencies in places like Laos, Kenya and Rwanda, as well as Taiwan.
It also hacked into Web sites of religious organizations in Hong Kong and South Korea, a US university and a Djiboutian university. The report did not identify the organizations.
Recorded Future said RedJuliett accessed the servers of those places through a vulnerability in their SoftEther enterprise virtual private network (VPN) software, an open-source VPN that allows remote connections to an organization’s networks.
RedJuliett has been observed attempting to break into systems of more than 70 Taiwanese organizations including three universities, an optoelectronics company and a facial recognition company that has contracts with the government.
It was unclear if RedJuliett managed to break into those organizations: Recorded Future only said it observed the attempts to identify vulnerabilities in their networks.
RedJuliett’s hacking patterns match those of Chinese state-sponsored groups, Recorded Future said.
Based on the geolocations of Internet protocol addresses, RedJuliett is likely based out of Fuzhou, in China’s Fujian Province, the coast of which faces Taiwan, it said.
“Given the close geographical proximity between Fuzhou and Taiwan, Chinese intelligence services operating in Fuzhou are likely tasked with intelligence collection against Taiwanese targets,” the Recorded Future report said.
“RedJuliett is likely targeting Taiwan to collect intelligence and support Beijing’s policymaking on cross-strait relations,” it said.
The Ministry of Foreign Affairs and the Chinese Ministry of Foreign Affairs did not immediately comment.
Microsoft in August last year reported that RedJuliett, which the US company tracks under the name Flax Typhoon, was targeting Taiwanese organizations.
China has in the past few years stepped up military drills around Taiwan and imposed economic and diplomatic pressure on the nation.
Relations between Taipei and Beijing worsened after the election of William Lai (賴清德), who China has deemed a “separatist,” after he said in his inauguration speech that Taiwan and China were not subordinate to each other.
Like his predecessor Tsai Ing-wen (蔡英文), Lai has said that there is no need to declare Taiwanese independence because it is already an independent sovereign state.
Like many other countries including the US, China has been known to engage in cyberespionage. Earlier this year, the US and the UK accused China of a sweeping cyberespionage campaign that allegedly affected millions of people.
Beijing has consistently denied engaging in any form of state-sponsored hacking, instead saying that China itself is a major target of cyberattacks.
According to Recorded Future, Chinese state-sponsored groups will likely continue to target Taiwanese government agencies, universities and critical technology companies via “public-facing” devices such as open-source VPN software, which provide limited visibility and logging capabilities.
Companies and organizations can best protect themselves by prioritizing and patching vulnerabilities once they become known, Recorded Future’s threat intelligence analyst said.
‘DENIAL DEFENSE’: The US would increase its military presence with uncrewed ships, and submarines, while boosting defense in the Indo-Pacific, a Pete Hegseth memo said The US is reorienting its military strategy to focus primarily on deterring a potential Chinese invasion of Taiwan, a memo signed by US Secretary of Defense Pete Hegseth showed. The memo also called on Taiwan to increase its defense spending. The document, known as the “Interim National Defense Strategic Guidance,” was distributed this month and detailed the national defense plans of US President Donald Trump’s administration, an article in the Washington Post said on Saturday. It outlines how the US can prepare for a potential war with China and defend itself from threats in the “near abroad,” including Greenland and the Panama
The High Prosecutors’ Office yesterday withdrew an appeal against the acquittal of a former bank manager 22 years after his death, marking Taiwan’s first instance of prosecutors rendering posthumous justice to a wrongfully convicted defendant. Chu Ching-en (諸慶恩) — formerly a manager at the Taipei branch of BNP Paribas — was in 1999 accused by Weng Mao-chung (翁茂鍾), then-president of Chia Her Industrial Co, of forging a request for a fixed deposit of US$10 million by I-Hwa Industrial Co, a subsidiary of Chia Her, which was used as collateral. Chu was ruled not guilty in the first trial, but was found guilty
A wild live dugong was found in Taiwan for the first time in 88 years, after it was accidentally caught by a fisher’s net on Tuesday in Yilan County’s Fenniaolin (粉鳥林). This is the first sighting of the species in Taiwan since 1937, having already been considered “extinct” in the country and considered as “vulnerable” by the International Union for Conservation of Nature. A fisher surnamed Chen (陳) went to Fenniaolin to collect the fish in his netting, but instead caught a 3m long, 500kg dugong. The fisher released the animal back into the wild, not realizing it was an endangered species at
DEADLOCK: As the commission is unable to forum a quorum to review license renewal applications, the channel operators are not at fault and can air past their license date The National Communications Commission (NCC) yesterday said that the Public Television Service (PTS) and 36 other television and radio broadcasters could continue airing, despite the commission’s inability to meet a quorum to review their license renewal applications. The licenses of PTS and the other channels are set to expire between this month and June. The National Communications Commission Organization Act (國家通訊傳播委員會組織法) stipulates that the commission must meet the mandated quorum of four to hold a valid meeting. The seven-member commission currently has only three commissioners. “We have informed the channel operators of the progress we have made in reviewing their license renewal applications, and