Hackers known as the Winnti Group were behind ransomware attacks on Taiwan’s two largest fuel suppliers, the Ministry of Justice Investigation Bureau said on Friday, adding that similar attacks on 10 domestic companies are likely in the next few days.
On May 4, state-run CPC Corp, Taiwan announced that its computer system had been infected with ransomware, causing payment issues at gas stations.
Formosa Petrochemical Corp reported similar issues the following day, and shut down its computer systems.
Powertech Technology Inc, a Hsinchu-based semiconductor firm, also reported a ransomware attack on May 5.
The bureau said that the Winnti Group, which is believed to be from China, likely had access to the firms’ computer systems for months before it carried out the attacks.
Liu Chia-jung (劉家榮), deputy director of the bureau’s Information Security Workstation, said that the hackers gained access to the companies’ Active Directory — a service for managing computers and other devices within a network — and used its task scheduling function to distribute the ransomware throughout each company’s computer network.
When employees’ computers tried to access the network at the start of the work day, a message appeared stating that their files had been encrypted and demanding a ransom of US$3,000 to unlock them, Liu said.
The bureau has asked international authorities investigating six German and Swiss e-mail accounts believed to be connected to the crimes for help, Liu said.
It has also asked US authorities to investigate a US-based company from which the group rented a virtual private server.
The bureau said it had information that the hackers planned to carry out similar attacks on 10 other Taiwanese companies in the next few days, but added that it did not know which are being targeted.
The bureau said that it has advised companies on several steps they could take to improve their digital security.
CPC, which local media reported was suffering computer issues again on Thursday, released a statement on Friday blaming the issue on an operational error, and said that it had strengthened its information security procedures following the May 4 attack.
Eight Chinese naval vessels and 24 military aircraft were detected crossing the median line of the Taiwan Strait between 6am yesterday and 6am today, the Ministry of National Defense said this morning. The aircraft entered Taiwan’s northern, central, southwestern and eastern air defense identification zones, the ministry said. The armed forces responded with mission aircraft, naval vessels and shore-based missile systems to closely monitor the situation, it added. Eight naval vessels, one official ship and 36 aircraft sorties were spotted in total, the ministry said.
INCREASED CAPACITY: The flights on Mondays, Wednesdays, Fridays and Sundays would leave Singapore in the morning and Taipei in the afternoon Singapore Airlines is adding four supplementary flights to Taipei per week until May to meet increased tourist and business travel demand, the carrier said on Friday. The addition would raise the number of weekly flights it operates to Taipei to 18, Singapore Airlines Taiwan general manager Timothy Ouyang (歐陽漢源) said. The airline has recorded a steady rise in tourist and business travel to and from Taipei, and aims to provide more flexible travel arrangements for passengers, said Ouyang, who assumed the post in July last year. From now until Saturday next week, four additional flights would depart from Singapore on Monday, Wednesday, Friday
The Ministry of National Defense yesterday reported the return of large-scale Chinese air force activities after their unexplained absence for more than two weeks, which had prompted speculation regarding Beijing’s motives. China usually sends fighter jets, drones and other military aircraft around the nation on a daily basis. Interruptions to such routine are generally caused by bad weather. The Ministry of National Defense said it had detected 26 Chinese military aircraft in the Taiwan Strait over the previous 24 hours. It last reported that many aircraft on Feb. 25, when it spotted 30 aircraft, saying Beijing was carrying out another “joint combat
The Ministry of Foreign Affairs (MOFA) today said that if South Korea does not reply appropriately to its request to correct Taiwan’s name on its e-Arrival card system before March 31, it would take corresponding measures to alter how South Korea is labeled on the online Taiwan Arrival Card system. South Korea’s e-Arrival card system lists Taiwan as “China (Taiwan)” in the “point of departure” and “next destination” fields. The ministry said that it changed the nationality for South Koreans on Taiwan’s Alien Resident Certificates from “Korea” to “South Korea” on March 1, in a gesture of goodwill and based on the
RSS