A suspected Chinese state-sponsored hacking group has stepped up its targeting of Taiwanese organizations, particularly those in government, education, technology and diplomacy sectors, a report by cybersecurity intelligence company Recorded Future said.
The cyberattacks by the group known as RedJuliett were observed between November last year and April, during the lead-up to the presidential and legislative elections in January and the subsequent change in administration.
RedJuliett has targeted Taiwanese organizations in the past, but this is the first time that activity was seen at such a scale, a Recorded Future analyst said, speaking on condition of anonymity out of safety concerns.
Photo: Reuters
The report said that RedJuliett attacked 24 organizations, including government agencies in places like Laos, Kenya and Rwanda, as well as Taiwan.
It also hacked into Web sites of religious organizations in Hong Kong and South Korea, a US university and a Djiboutian university. The report did not identify the organizations.
Recorded Future said RedJuliett accessed the servers of those places through a vulnerability in their SoftEther enterprise virtual private network (VPN) software, an open-source VPN that allows remote connections to an organization’s networks.
RedJuliett has been observed attempting to break into systems of more than 70 Taiwanese organizations including three universities, an optoelectronics company and a facial recognition company that has contracts with the government.
It was unclear if RedJuliett managed to break into those organizations: Recorded Future only said it observed the attempts to identify vulnerabilities in their networks.
RedJuliett’s hacking patterns match those of Chinese state-sponsored groups, Recorded Future said.
Based on the geolocations of Internet protocol addresses, RedJuliett is likely based out of Fuzhou, in China’s Fujian Province, the coast of which faces Taiwan, it said.
“Given the close geographical proximity between Fuzhou and Taiwan, Chinese intelligence services operating in Fuzhou are likely tasked with intelligence collection against Taiwanese targets,” the Recorded Future report said.
“RedJuliett is likely targeting Taiwan to collect intelligence and support Beijing’s policymaking on cross-strait relations,” it said.
The Ministry of Foreign Affairs and the Chinese Ministry of Foreign Affairs did not immediately comment.
Microsoft in August last year reported that RedJuliett, which the US company tracks under the name Flax Typhoon, was targeting Taiwanese organizations.
China has in the past few years stepped up military drills around Taiwan and imposed economic and diplomatic pressure on the nation.
Relations between Taipei and Beijing worsened after the election of William Lai (賴清德), who China has deemed a “separatist,” after he said in his inauguration speech that Taiwan and China were not subordinate to each other.
Like his predecessor Tsai Ing-wen (蔡英文), Lai has said that there is no need to declare Taiwanese independence because it is already an independent sovereign state.
Like many other countries including the US, China has been known to engage in cyberespionage. Earlier this year, the US and the UK accused China of a sweeping cyberespionage campaign that allegedly affected millions of people.
Beijing has consistently denied engaging in any form of state-sponsored hacking, instead saying that China itself is a major target of cyberattacks.
According to Recorded Future, Chinese state-sponsored groups will likely continue to target Taiwanese government agencies, universities and critical technology companies via “public-facing” devices such as open-source VPN software, which provide limited visibility and logging capabilities.
Companies and organizations can best protect themselves by prioritizing and patching vulnerabilities once they become known, Recorded Future’s threat intelligence analyst said.
Chinese Nationalist Party (KMT) Chairman Eric Chu (朱立倫), spokeswoman Yang Chih-yu (楊智伃) and Legislator Hsieh Lung-chieh (謝龍介) would be summoned by police for questioning for leading an illegal assembly on Thursday evening last week, Minister of the Interior Liu Shyh-fang (劉世芳) said today. The three KMT officials led an assembly outside the Taipei City Prosecutors’ Office, a restricted area where public assembly is not allowed, protesting the questioning of several KMT staff and searches of KMT headquarters and offices in a recall petition forgery case. Chu, Yang and Hsieh are all suspected of contravening the Assembly and Parade Act (集會遊行法) by holding
PRAISE: Japanese visitor Takashi Kubota said the Taiwanese temple architecture images showcased in the AI Art Gallery were the most impressive displays he saw Taiwan does not have an official pavilion at the World Expo in Osaka, Japan, because of its diplomatic predicament, but the government-backed Tech World pavilion is drawing interest with its unique recreations of works by Taiwanese artists. The pavilion features an artificial intelligence (AI)-based art gallery showcasing works of famous Taiwanese artists from the Japanese colonial period using innovative technologies. Among its main simulated displays are Eastern gouache paintings by Chen Chin (陳進), Lin Yu-shan (林玉山) and Kuo Hsueh-hu (郭雪湖), who were the three young Taiwanese painters selected for the East Asian Painting exhibition in 1927. Gouache is a water-based
Taiwan would welcome the return of Honduras as a diplomatic ally if its next president decides to make such a move, Minister of Foreign Affairs Lin Chia-lung (林佳龍) said yesterday. “Of course, we would welcome Honduras if they want to restore diplomatic ties with Taiwan after their elections,” Lin said at a meeting of the legislature’s Foreign Affairs and National Defense Committee, when asked to comment on statements made by two of the three Honduran presidential candidates during the presidential campaign in the Central American country. Taiwan is paying close attention to the region as a whole in the wake of a
OFF-TARGET: More than 30,000 participants were expected to take part in the Games next month, but only 6,550 foreign and 19,400 Taiwanese athletes have registered Taipei city councilors yesterday blasted the organizers of next month’s World Masters Games over sudden timetable and venue changes, which they said have caused thousands of participants to back out of the international sporting event, among other organizational issues. They also cited visa delays and political interference by China as reasons many foreign athletes are requesting refunds for the event, to be held from May 17 to 30. Jointly organized by the Taipei and New Taipei City governments, the games have been rocked by numerous controversies since preparations began in 2020. Taipei City Councilor Lin Yen-feng (林延鳳) said yesterday that new measures by
RSS