Chinese-linked hackers are targeting the Taiwanese semiconductor industry and investment analysts as part of a string of cyber-espionage campaigns, researchers said yesterday.
While hacking to steal data and information about the industry is not new, there is an increase in sustained hacking campaigns from several China-aligned hacking groups, researchers with cybersecurity firm Proofpoint said in a new analysis.
“We’ve seen entities that we hadn’t ever seen being targeted in the past being targeted,” said Mark Kelly, a threat researcher focused on Chinese-related threats at Proofpoint.
Photo: Reuters
The previously unreported hacking campaigns were carried out by at least three distinct Chinese-linked groups primarily between March and last month, with some activity likely ongoing, Proofpoint said. They come amid rising restrictions by Washington on exports to China of US-designed chips that are often manufactured in Taiwan. China's chip industry has been working to replace its dwindling supply of sophisticated US chips, especially those used in artificial intelligence.
The researchers declined to identify the hacking targets, but told Reuters that approximately 15 to 20 organizations ranging from small businesses, analysts employed by at least one US-headquartered international bank, and large global enterprises faced attacks.
Major Taiwanese semiconductor firms include Taiwan Semiconductor Manufacturing Co, MediaTek, United Microelectronics Corp, Nanya Technology and RealTek Semiconductor. TSMC declined to comment. MediaTek, UMC, Nanya and RealTek did not respond to requests for comment.
Reuters was unable to identify the specific hacking targets or determine whether any of the efforts were successful.
A spokesperson for the Chinese embassy in Washington told Reuters in an email that cyberattacks “are a common threat faced by all countries, China included,” and that the Asian country “firmly opposes and combats all forms of cyber attacks and cyber crime — a position that is consistent and clear.”
The activity ranged from one or two emails sent as part of the more targeted campaign focused on specific people, to as many as 80 emails when trying to gain information from the company at large, Kelly said.
One group targeted semiconductor design, manufacturing and supply-chain organizations using compromised Taiwanese university email accounts to pose as job seekers and send malware via PDFs with URLs leading to malicious files, or a password-protected archive.
Another targeted financial analysts at major unnamed investment firms focused on the Taiwanese semiconductor industry by posing as a fictitious investment firm and seeking collaboration. Two of the entities are based in Asia, while the third is based in the US. The FBI declined to comment.
A representative of TeamT5, a cybersecurity firm based in Taiwan, told Reuters that it had also seen an increase in emails being sent targeting the semiconductor industry tied to a few hacking groups, “but not a wide or general phenomenon.”
Targeting of semiconductors and the supply chain around them “is a persistent threat that has existed for long,” the representative said, and a “constant interest” for Chinese-related advanced hacking operators.
These groups often target “peripheral suppliers or related industries,” the representative said, such as a situation last month where a China-linked hacking group identified by TeamT5 as "Amoeba" launched a phishing campaign against an unnamed chemical company that plays a critical role in the semiconductor supply chain.
The military has spotted two Chinese warships operating in waters near Penghu County in the Taiwan Strait and sent its own naval and air forces to monitor the vessels, the Ministry of National Defense (MND) said. Beijing sends warships and warplanes into the waters and skies around Taiwan on an almost daily basis, drawing condemnation from Taipei. While the ministry offers daily updates on the locations of Chinese military aircraft, it only rarely gives details of where Chinese warships are operating, generally only when it detects aircraft carriers, as happened last week. A Chinese destroyer and a frigate entered waters to the southwest
The eastern extension of the Taipei MRT Red Line could begin operations as early as late June, the Taipei Department of Rapid Transit Systems said yesterday. Taipei Rapid Transit Corp said it is considering offering one month of free rides on the new section to mark its opening. Construction progress on the 1.4km extension, which is to run from the current terminal Xiangshan Station to a new eastern terminal, Guangci/Fengtian Temple Station, was 90.6 percent complete by the end of last month, the department said in a report to the Taipei City Council's Transportation Committee. While construction began in October 2016 with an
NON-RED SUPPLY: Boosting the nation’s drone industry is becoming increasingly urgent as China’s UAV dominance could become an issue in a crisis, an analyst said Taiwan’s drone exports to Europe grew 41.7-fold from 2024 to last year, with demand from Ukraine’s fight against Russian aggression the most likely driver of growth, a study showed. The Institute for Democracy, Society and Emerging Technology (DSET) in a statement on Wednesday said it found that many of Taiwan’s uncrewed aerial vehicle (UAV) sales were from Poland and the Czech Republic. These countries likely transferred the drones to Ukraine to aid it in its fight against the Russian invasion that started in 2022, it said. Despite the gains, Taiwan is not the dominant drone exporter to these markets, ranking second and fourth
Japanese Prime Minister Sanae Takaichi’s comment last year on Tokyo’s potential reaction to a Taiwan-China conflict has forced Beijing to rewrite its invasion plans, a retired Japanese general said. Takaichi told the Diet on Nov. 7 last year that a Chinese naval blockade or military attack on Taiwan could constitute a “survival-threatening situation” for Japan, potentially allowing Tokyo to exercise its right to collective self-defense. Former Japan Ground Self-Defense Force general Kiyofumi Ogawa said in a recent speech that the remark has been interpreted as meaning Japan could intervene in the early stages of a Taiwan Strait conflict, undermining China’s previous assumptions
RSS