A suspected Chinese state-sponsored hacking group has stepped up its targeting of Taiwanese organizations, particularly those in government, education, technology and diplomacy sectors, a report by cybersecurity intelligence company Recorded Future said.
The cyberattacks by the group known as RedJuliett were observed between November last year and April, during the lead-up to the presidential and legislative elections in January and the subsequent change in administration.
RedJuliett has targeted Taiwanese organizations in the past, but this is the first time that activity was seen at such a scale, a Recorded Future analyst said, speaking on condition of anonymity out of safety concerns.
Photo: Reuters
The report said that RedJuliett attacked 24 organizations, including government agencies in places like Laos, Kenya and Rwanda, as well as Taiwan.
It also hacked into Web sites of religious organizations in Hong Kong and South Korea, a US university and a Djiboutian university. The report did not identify the organizations.
Recorded Future said RedJuliett accessed the servers of those places through a vulnerability in their SoftEther enterprise virtual private network (VPN) software, an open-source VPN that allows remote connections to an organization’s networks.
RedJuliett has been observed attempting to break into systems of more than 70 Taiwanese organizations including three universities, an optoelectronics company and a facial recognition company that has contracts with the government.
It was unclear if RedJuliett managed to break into those organizations: Recorded Future only said it observed the attempts to identify vulnerabilities in their networks.
RedJuliett’s hacking patterns match those of Chinese state-sponsored groups, Recorded Future said.
Based on the geolocations of Internet protocol addresses, RedJuliett is likely based out of Fuzhou, in China’s Fujian Province, the coast of which faces Taiwan, it said.
“Given the close geographical proximity between Fuzhou and Taiwan, Chinese intelligence services operating in Fuzhou are likely tasked with intelligence collection against Taiwanese targets,” the Recorded Future report said.
“RedJuliett is likely targeting Taiwan to collect intelligence and support Beijing’s policymaking on cross-strait relations,” it said.
The Ministry of Foreign Affairs and the Chinese Ministry of Foreign Affairs did not immediately comment.
Microsoft in August last year reported that RedJuliett, which the US company tracks under the name Flax Typhoon, was targeting Taiwanese organizations.
China has in the past few years stepped up military drills around Taiwan and imposed economic and diplomatic pressure on the nation.
Relations between Taipei and Beijing worsened after the election of William Lai (賴清德), who China has deemed a “separatist,” after he said in his inauguration speech that Taiwan and China were not subordinate to each other.
Like his predecessor Tsai Ing-wen (蔡英文), Lai has said that there is no need to declare Taiwanese independence because it is already an independent sovereign state.
Like many other countries including the US, China has been known to engage in cyberespionage. Earlier this year, the US and the UK accused China of a sweeping cyberespionage campaign that allegedly affected millions of people.
Beijing has consistently denied engaging in any form of state-sponsored hacking, instead saying that China itself is a major target of cyberattacks.
According to Recorded Future, Chinese state-sponsored groups will likely continue to target Taiwanese government agencies, universities and critical technology companies via “public-facing” devices such as open-source VPN software, which provide limited visibility and logging capabilities.
Companies and organizations can best protect themselves by prioritizing and patching vulnerabilities once they become known, Recorded Future’s threat intelligence analyst said.
Police have issued warnings against traveling to Cambodia or Thailand when others have paid for the travel fare in light of increasing cases of teenagers, middle-aged and elderly people being tricked into traveling to these countries and then being held for ransom. Recounting their ordeal, one victim on Monday said she was asked by a friend to visit Thailand and help set up a bank account there, for which they would be paid NT$70,000 to NT$100,000 (US$2,136 to US$3,051). The victim said she had not found it strange that her friend was not coming along on the trip, adding that when she
TRAGEDY: An expert said that the incident was uncommon as the chance of a ground crew member being sucked into an IDF engine was ‘minuscule’ A master sergeant yesterday morning died after she was sucked into an engine during a routine inspection of a fighter jet at an air base in Taichung, the Air Force Command Headquarters said. The officer, surnamed Hu (胡), was conducting final landing checks at Ching Chuan Kang (清泉崗) Air Base when she was pulled into the jet’s engine for unknown reasons, the air force said in a news release. She was transported to a hospital for emergency treatment, but could not be revived, it said. The air force expressed its deepest sympathies over the incident, and vowed to work with authorities as they
A tourist who was struck and injured by a train in a scenic area of New Taipei City’s Pingsi District (平溪) on Monday might be fined for trespassing on the tracks, the Railway Police Bureau said yesterday. The New Taipei City Fire Department said it received a call at 4:37pm on Monday about an incident in Shifen (十分), a tourist destination on the Pingsi Railway Line. After arriving on the scene, paramedics treated a woman in her 30s for a 3cm to 5cm laceration on her head, the department said. She was taken to a hospital in Keelung, it said. Surveillance footage from a
INFRASTRUCTURE: Work on the second segment, from Kaohsiung to Pingtung, is expected to begin in 2028 and be completed by 2039, the railway bureau said Planned high-speed rail (HSR) extensions would blanket Taiwan proper in four 90-minute commute blocs to facilitate regional economic and livelihood integration, Railway Bureau Deputy Director-General Yang Cheng-chun (楊正君) said in an interview published yesterday. A project to extend the high-speed rail from Zuoying Station in Kaohsiung to Pingtung County’s Lioukuaicuo Township (六塊厝) is the first part of the bureau’s greater plan to expand rail coverage, he told the Liberty Times (sister paper of the Taipei Times). The bureau’s long-term plan is to build a loop to circle Taiwan proper that would consist of four sections running from Taipei to Hualien, Hualien to
RSS