A suspected Chinese state-sponsored hacking group has stepped up its targeting of Taiwanese organizations, particularly those in government, education, technology and diplomacy sectors, a report by cybersecurity intelligence company Recorded Future said.
The cyberattacks by the group known as RedJuliett were observed between November last year and April, during the lead-up to the presidential and legislative elections in January and the subsequent change in administration.
RedJuliett has targeted Taiwanese organizations in the past, but this is the first time that activity was seen at such a scale, a Recorded Future analyst said, speaking on condition of anonymity out of safety concerns.
Photo: Reuters
The report said that RedJuliett attacked 24 organizations, including government agencies in places like Laos, Kenya and Rwanda, as well as Taiwan.
It also hacked into Web sites of religious organizations in Hong Kong and South Korea, a US university and a Djiboutian university. The report did not identify the organizations.
Recorded Future said RedJuliett accessed the servers of those places through a vulnerability in their SoftEther enterprise virtual private network (VPN) software, an open-source VPN that allows remote connections to an organization’s networks.
RedJuliett has been observed attempting to break into systems of more than 70 Taiwanese organizations including three universities, an optoelectronics company and a facial recognition company that has contracts with the government.
It was unclear if RedJuliett managed to break into those organizations: Recorded Future only said it observed the attempts to identify vulnerabilities in their networks.
RedJuliett’s hacking patterns match those of Chinese state-sponsored groups, Recorded Future said.
Based on the geolocations of Internet protocol addresses, RedJuliett is likely based out of Fuzhou, in China’s Fujian Province, the coast of which faces Taiwan, it said.
“Given the close geographical proximity between Fuzhou and Taiwan, Chinese intelligence services operating in Fuzhou are likely tasked with intelligence collection against Taiwanese targets,” the Recorded Future report said.
“RedJuliett is likely targeting Taiwan to collect intelligence and support Beijing’s policymaking on cross-strait relations,” it said.
The Ministry of Foreign Affairs and the Chinese Ministry of Foreign Affairs did not immediately comment.
Microsoft in August last year reported that RedJuliett, which the US company tracks under the name Flax Typhoon, was targeting Taiwanese organizations.
China has in the past few years stepped up military drills around Taiwan and imposed economic and diplomatic pressure on the nation.
Relations between Taipei and Beijing worsened after the election of William Lai (賴清德), who China has deemed a “separatist,” after he said in his inauguration speech that Taiwan and China were not subordinate to each other.
Like his predecessor Tsai Ing-wen (蔡英文), Lai has said that there is no need to declare Taiwanese independence because it is already an independent sovereign state.
Like many other countries including the US, China has been known to engage in cyberespionage. Earlier this year, the US and the UK accused China of a sweeping cyberespionage campaign that allegedly affected millions of people.
Beijing has consistently denied engaging in any form of state-sponsored hacking, instead saying that China itself is a major target of cyberattacks.
According to Recorded Future, Chinese state-sponsored groups will likely continue to target Taiwanese government agencies, universities and critical technology companies via “public-facing” devices such as open-source VPN software, which provide limited visibility and logging capabilities.
Companies and organizations can best protect themselves by prioritizing and patching vulnerabilities once they become known, Recorded Future’s threat intelligence analyst said.
Kenting National Park service technician Yang Jien-fon (楊政峰) won a silver award in World Grand Prix Photography Awards Spring Season for his photograph of two male rat snakes intertwined in combat. Yang’s colleagues at Kenting National Park said he is a master of nature photography who has been held back by his job in civil service. The awards accept entries in all four seasons across six categories: architectural and urban photography, black-and-white and fine art photography, commercial and fashion photography, documentary and people photography, nature and experimental photography, and mobile photography. Awards are ranked according to scores and divided into platinum, gold and
More than half of the bamboo vipers captured in Tainan in the past few years were found in the city’s Sinhua District (新化), while other districts had smaller catches or none at all. Every year, Tainan captures about 6,000 snakes which have made their way into people’s homes. Of the six major venomous snakes in Taiwan, the cobra, the many-banded krait, the brown-spotted pit viper and the bamboo viper are the most frequently captured. The high concentration of bamboo vipers captured in Sinhua District is puzzling. Tainan Agriculture Bureau Forestry and Nature Conservation Division head Chu Chien-ming (朱健明) earlier this week said that the
BREACH OF CONTRACT: The bus operators would seek compensation and have demanded that the manufacturer replace the chips with ones that meet regulations Two bus operators found to be using buses with China-made chips are to demand that the original manufacturers replace the systems and provide compensation for breach of contract, the Veterans Affairs Council said yesterday. Democratic Progressive Party Legislator Michelle Lin (林楚茵) yesterday said that Da Nan Bus Co and Shin-Shin Bus Co Ltd have fielded a total of 82 buses that are using Chinese chips. The bus models were made by Tron-E, while the systems provider was CYE Electronics, Lin said. Lin alleged that the buses were using chips manufactured by Huawei subsidiary HiSilicon Co, which presents a national security risk if the
The National Immigration Agency has banned two Chinese from returning to Taiwan, after they published social media content it described as disrespectful to national sovereignty. The agency imposed a two-month ban on a Chinese man surnamed Liang (梁) and a permanent ban on a woman surnamed Yang (楊), an influencer with 23 million followers, in October last year and last week respectively. Minister of the Interior Liu Shyh-fang (劉世芳) yesterday said on the sidelines of a legislative meeting that Chinese visitors to Taiwan are required to comply with the rules and regulations governing their entry permits. The government has handled the ban and
RSS