A suspected Chinese state-sponsored hacking group has stepped up its targeting of Taiwanese organizations, particularly those in government, education, technology and diplomacy sectors, a report by cybersecurity intelligence company Recorded Future said.
The cyberattacks by the group known as RedJuliett were observed between November last year and April, during the lead-up to the presidential and legislative elections in January and the subsequent change in administration.
RedJuliett has targeted Taiwanese organizations in the past, but this is the first time that activity was seen at such a scale, a Recorded Future analyst said, speaking on condition of anonymity out of safety concerns.
Photo: Reuters
The report said that RedJuliett attacked 24 organizations, including government agencies in places like Laos, Kenya and Rwanda, as well as Taiwan.
It also hacked into Web sites of religious organizations in Hong Kong and South Korea, a US university and a Djiboutian university. The report did not identify the organizations.
Recorded Future said RedJuliett accessed the servers of those places through a vulnerability in their SoftEther enterprise virtual private network (VPN) software, an open-source VPN that allows remote connections to an organization’s networks.
RedJuliett has been observed attempting to break into systems of more than 70 Taiwanese organizations including three universities, an optoelectronics company and a facial recognition company that has contracts with the government.
It was unclear if RedJuliett managed to break into those organizations: Recorded Future only said it observed the attempts to identify vulnerabilities in their networks.
RedJuliett’s hacking patterns match those of Chinese state-sponsored groups, Recorded Future said.
Based on the geolocations of Internet protocol addresses, RedJuliett is likely based out of Fuzhou, in China’s Fujian Province, the coast of which faces Taiwan, it said.
“Given the close geographical proximity between Fuzhou and Taiwan, Chinese intelligence services operating in Fuzhou are likely tasked with intelligence collection against Taiwanese targets,” the Recorded Future report said.
“RedJuliett is likely targeting Taiwan to collect intelligence and support Beijing’s policymaking on cross-strait relations,” it said.
The Ministry of Foreign Affairs and the Chinese Ministry of Foreign Affairs did not immediately comment.
Microsoft in August last year reported that RedJuliett, which the US company tracks under the name Flax Typhoon, was targeting Taiwanese organizations.
China has in the past few years stepped up military drills around Taiwan and imposed economic and diplomatic pressure on the nation.
Relations between Taipei and Beijing worsened after the election of William Lai (賴清德), who China has deemed a “separatist,” after he said in his inauguration speech that Taiwan and China were not subordinate to each other.
Like his predecessor Tsai Ing-wen (蔡英文), Lai has said that there is no need to declare Taiwanese independence because it is already an independent sovereign state.
Like many other countries including the US, China has been known to engage in cyberespionage. Earlier this year, the US and the UK accused China of a sweeping cyberespionage campaign that allegedly affected millions of people.
Beijing has consistently denied engaging in any form of state-sponsored hacking, instead saying that China itself is a major target of cyberattacks.
According to Recorded Future, Chinese state-sponsored groups will likely continue to target Taiwanese government agencies, universities and critical technology companies via “public-facing” devices such as open-source VPN software, which provide limited visibility and logging capabilities.
Companies and organizations can best protect themselves by prioritizing and patching vulnerabilities once they become known, Recorded Future’s threat intelligence analyst said.
Taipei and New Taipei City government officials are aiming to have the first phase of the Wanhua-Jungho-Shulin Mass Rapid Transit (MRT) line completed and opened by 2027, following the arrival of the first train set yesterday. The 22km-long Light Green Line would connect four densely populated districts in Taipei and New Taipei City: Wanhua (萬華), Jhonghe (中和), Tucheng (土城) and Shulin (樹林). The first phase of the project would connect Wanhua and Jhonghe districts, with Chiang Kai-shek Memorial Hall and Chukuang (莒光) being the terminal stations. The two municipalities jointly hosted a ceremony for the first train to be used
MILITARY AID: Taiwan has received a first batch of US long-range tactical missiles ahead of schedule, with a second shipment expected to be delivered by 2026 The US’ early delivery of long-range tactical ballistic missiles to Taiwan last month carries political and strategic significance, a military source said yesterday. According to the Ministry of National Defense’s budget report, the batch of military hardware from the US, including 11 sets of M142 High Mobility Artillery Rocket Systems (HIMARS) and 64 MGM-140 Army Tactical Missile Systems, had been scheduled to be delivered to Taiwan between the end of this year and the beginning of next year. However, the first batch arrived last month, earlier than scheduled, with the second batch —18 sets of HIMARS, 20 MGM-140 missiles and 864 M30
Representative to the US Alexander Yui delivered a letter from the government to US president-elect Donald Trump during a meeting with a former Trump administration official, CNN reported yesterday. Yui on Thursday met with former US national security adviser Robert O’Brien over a private lunch in Salt Lake City, Utah, with US Representative Chris Stewart, the Web site of the US cable news channel reported, citing three sources familiar with the matter. “During that lunch the letter was passed along, and then shared with Trump, two of the sources said,” CNN said. O’Brien declined to comment on the lunch, as did the Taipei
A woman who allegedly attacked a high-school student with a utility knife, injuring his face, on a Taipei metro train late on Friday has been transferred to prosecutors, police said yesterday. The incident occurred near MRT Xinpu Station at about 10:17pm on a Bannan Line train headed toward Dingpu, New Taipei City police said. Before police arrived at the station to arrest the suspect, a woman surnamed Wang (王) who is in her early 40s, she had already been subdued by four male passengers, one of whom was an off-duty Taipei police officer, police said. The student, 17, who sustained a cut about
RSS