Hackers known as the Winnti Group were behind ransomware attacks on Taiwan’s two largest fuel suppliers, the Ministry of Justice Investigation Bureau said on Friday, adding that similar attacks on 10 domestic companies are likely in the next few days.
On May 4, state-run CPC Corp, Taiwan announced that its computer system had been infected with ransomware, causing payment issues at gas stations.
Formosa Petrochemical Corp reported similar issues the following day, and shut down its computer systems.
Powertech Technology Inc, a Hsinchu-based semiconductor firm, also reported a ransomware attack on May 5.
The bureau said that the Winnti Group, which is believed to be from China, likely had access to the firms’ computer systems for months before it carried out the attacks.
Liu Chia-jung (劉家榮), deputy director of the bureau’s Information Security Workstation, said that the hackers gained access to the companies’ Active Directory — a service for managing computers and other devices within a network — and used its task scheduling function to distribute the ransomware throughout each company’s computer network.
When employees’ computers tried to access the network at the start of the work day, a message appeared stating that their files had been encrypted and demanding a ransom of US$3,000 to unlock them, Liu said.
The bureau has asked international authorities investigating six German and Swiss e-mail accounts believed to be connected to the crimes for help, Liu said.
It has also asked US authorities to investigate a US-based company from which the group rented a virtual private server.
The bureau said it had information that the hackers planned to carry out similar attacks on 10 other Taiwanese companies in the next few days, but added that it did not know which are being targeted.
The bureau said that it has advised companies on several steps they could take to improve their digital security.
CPC, which local media reported was suffering computer issues again on Thursday, released a statement on Friday blaming the issue on an operational error, and said that it had strengthened its information security procedures following the May 4 attack.
China has reserved offshore airspace in the Yellow Sea and East China Sea from March 27 to May 6, issuing alerts usually used to warn of military exercises, although no such exercises have been announced, the Wall Street Journal (WSJ) reported yesterday. Reserving such a large area for 40 days without explanation is an “unusual step,” as military exercises normally only last a few days, the paper said. These alerts, known as Notice to Air Missions (Notams), “are intended to inform pilots and aviation authorities of temporary airspace hazards or restrictions,” the article said. The airspace reserved in the alert is
NAMING SPAT: The foreign ministry called on Denmark to propose an acceptable solution to the erroneous nationality used for Taiwanese on residence permits Taiwan has revoked some privileges for Danish diplomatic staff over a Danish permit that lists “Taiwan” as “China,” Eric Huang (黃鈞耀), head of the Ministry of Foreign Affairs’ Department of European Affairs, told a news conference in Taipei yesterday. Reporters asked Huang whether the Danish government had responded to the ministry’s request that it correct the nationality on Danish residence permits of Taiwanese, which has been listed as “China” since 2024. Taiwan’s representative office in Denmark continues to communicate with the Danish government, and the ministry has revoked some privileges previously granted to Danish representatives in Taiwan and would continue to review
The first bluefin tuna of the season, brought to shore in Pingtung County and weighing 190kg, was yesterday auctioned for NT$10,600 (US$333.5) per kilogram, setting a record high for the local market. The auction was held at the fish market in Donggang Fishing Harbor, where the Siaoliouciou Island-registered fishing vessel Fu Yu Ching No. 2 delivered the “Pingtung First Tuna” it had caught for bidding. Bidding was intense, and the tuna was ultimately jointly purchased by a local restaurant and a local company for NT$10,600 per kilogram — NT$300 ,more than last year — for a total of NT$2.014 million. The 67-year-old skipper
China has reserved offshore airspace over the Yellow Sea and East China Sea from March 27 to May 6, issuing alerts that are usually used to warn of military exercises, although no such exercises have been announced, the Wall Street Journal (WSJ) reported on Sunday. Reserving such a large area for 40 days without explanation is an “unusual step,” as military exercises normally only last a few days, the paper said. The alerts, known as notice to air missions (NOTAMs), “are intended to inform pilots and aviation authorities of temporary airspace hazards or restrictions,” the article said. The airspace reserved in the alert
RSS