Hackers known as the Winnti Group were behind ransomware attacks on Taiwan’s two largest fuel suppliers, the Ministry of Justice Investigation Bureau said on Friday, adding that similar attacks on 10 domestic companies are likely in the next few days.
On May 4, state-run CPC Corp, Taiwan announced that its computer system had been infected with ransomware, causing payment issues at gas stations.
Formosa Petrochemical Corp reported similar issues the following day, and shut down its computer systems.
Powertech Technology Inc, a Hsinchu-based semiconductor firm, also reported a ransomware attack on May 5.
The bureau said that the Winnti Group, which is believed to be from China, likely had access to the firms’ computer systems for months before it carried out the attacks.
Liu Chia-jung (劉家榮), deputy director of the bureau’s Information Security Workstation, said that the hackers gained access to the companies’ Active Directory — a service for managing computers and other devices within a network — and used its task scheduling function to distribute the ransomware throughout each company’s computer network.
When employees’ computers tried to access the network at the start of the work day, a message appeared stating that their files had been encrypted and demanding a ransom of US$3,000 to unlock them, Liu said.
The bureau has asked international authorities investigating six German and Swiss e-mail accounts believed to be connected to the crimes for help, Liu said.
It has also asked US authorities to investigate a US-based company from which the group rented a virtual private server.
The bureau said it had information that the hackers planned to carry out similar attacks on 10 other Taiwanese companies in the next few days, but added that it did not know which are being targeted.
The bureau said that it has advised companies on several steps they could take to improve their digital security.
CPC, which local media reported was suffering computer issues again on Thursday, released a statement on Friday blaming the issue on an operational error, and said that it had strengthened its information security procedures following the May 4 attack.
The military has spotted two Chinese warships operating in waters near Penghu County in the Taiwan Strait and sent its own naval and air forces to monitor the vessels, the Ministry of National Defense (MND) said. Beijing sends warships and warplanes into the waters and skies around Taiwan on an almost daily basis, drawing condemnation from Taipei. While the ministry offers daily updates on the locations of Chinese military aircraft, it only rarely gives details of where Chinese warships are operating, generally only when it detects aircraft carriers, as happened last week. A Chinese destroyer and a frigate entered waters to the southwest
A magnitude 6.1 earthquake struck off the coast of Yilan County at 8:39pm tonight, the Central Weather Administration (CWA) said, with no immediate reports of damage or injuries. The epicenter was 38.7km east-northeast of Yilan County Hall at a focal depth of 98.3km, the CWA’s Seismological Center said. The quake’s maximum intensity, which gauges the actual physical effect of a seismic event, was a level 4 on Taiwan’s 7-tier intensity scale, the center said. That intensity level was recorded in Yilan County’s Nanao Township (南澳), Hsinchu County’s Guansi Township (關西), Nantou County’s Hehuanshan (合歡山) and Hualien County’s Yanliao (鹽寮). An intensity of 3 was
Japanese Prime Minister Sanae Takaichi’s comment last year on Tokyo’s potential reaction to a Taiwan-China conflict has forced Beijing to rewrite its invasion plans, a retired Japanese general said. Takaichi told the Diet on Nov. 7 last year that a Chinese naval blockade or military attack on Taiwan could constitute a “survival-threatening situation” for Japan, potentially allowing Tokyo to exercise its right to collective self-defense. Former Japan Ground Self-Defense Force general Kiyofumi Ogawa said in a recent speech that the remark has been interpreted as meaning Japan could intervene in the early stages of a Taiwan Strait conflict, undermining China’s previous assumptions
Taiwan Railways Corp (TRC) today announced that Shin Kong Mitsukoshi has been selected as the preferred bidder to operate the Taipei Railway Station shopping mall, replacing the current operator, Breeze Development Co Ltd. Among eight qualified firms that delivered presentations and were evaluated by a review committee, Shin Kong Mitsukoshi was ranked first, while Breeze was named the runner-up, the rail company said in a statement. Contract negotiations are to proceed in accordance with regulations, it said, adding that if negotiations with the top bidder fail, it could invite the second-ranked applicant to enter talks. Breeze in a statement today expressed doubts over
RSS