Chinese-linked hackers are targeting the Taiwanese semiconductor industry and investment analysts as part of a string of cyber-espionage campaigns, researchers said yesterday.
While hacking to steal data and information about the industry is not new, there is an increase in sustained hacking campaigns from several China-aligned hacking groups, researchers with cybersecurity firm Proofpoint said in a new analysis.
“We’ve seen entities that we hadn’t ever seen being targeted in the past being targeted,” said Mark Kelly, a threat researcher focused on Chinese-related threats at Proofpoint.
Photo: Reuters
The previously unreported hacking campaigns were carried out by at least three distinct Chinese-linked groups primarily between March and last month, with some activity likely ongoing, Proofpoint said. They come amid rising restrictions by Washington on exports to China of US-designed chips that are often manufactured in Taiwan. China's chip industry has been working to replace its dwindling supply of sophisticated US chips, especially those used in artificial intelligence.
The researchers declined to identify the hacking targets, but told Reuters that approximately 15 to 20 organizations ranging from small businesses, analysts employed by at least one US-headquartered international bank, and large global enterprises faced attacks.
Major Taiwanese semiconductor firms include Taiwan Semiconductor Manufacturing Co, MediaTek, United Microelectronics Corp, Nanya Technology and RealTek Semiconductor. TSMC declined to comment. MediaTek, UMC, Nanya and RealTek did not respond to requests for comment.
Reuters was unable to identify the specific hacking targets or determine whether any of the efforts were successful.
A spokesperson for the Chinese embassy in Washington told Reuters in an email that cyberattacks “are a common threat faced by all countries, China included,” and that the Asian country “firmly opposes and combats all forms of cyber attacks and cyber crime — a position that is consistent and clear.”
The activity ranged from one or two emails sent as part of the more targeted campaign focused on specific people, to as many as 80 emails when trying to gain information from the company at large, Kelly said.
One group targeted semiconductor design, manufacturing and supply-chain organizations using compromised Taiwanese university email accounts to pose as job seekers and send malware via PDFs with URLs leading to malicious files, or a password-protected archive.
Another targeted financial analysts at major unnamed investment firms focused on the Taiwanese semiconductor industry by posing as a fictitious investment firm and seeking collaboration. Two of the entities are based in Asia, while the third is based in the US. The FBI declined to comment.
A representative of TeamT5, a cybersecurity firm based in Taiwan, told Reuters that it had also seen an increase in emails being sent targeting the semiconductor industry tied to a few hacking groups, “but not a wide or general phenomenon.”
Targeting of semiconductors and the supply chain around them “is a persistent threat that has existed for long,” the representative said, and a “constant interest” for Chinese-related advanced hacking operators.
These groups often target “peripheral suppliers or related industries,” the representative said, such as a situation last month where a China-linked hacking group identified by TeamT5 as "Amoeba" launched a phishing campaign against an unnamed chemical company that plays a critical role in the semiconductor supply chain.
Taiwan has received more than US$70 million in royalties as of the end of last year from developing the F-16V jet as countries worldwide purchase or upgrade to this popular model, government and military officials said on Saturday. Taiwan funded the development of the F-16V jet and ended up the sole investor as other countries withdrew from the program. Now the F-16V is increasingly popular and countries must pay Taiwan a percentage in royalties when they purchase new F-16V aircraft or upgrade older F-16 models. The next five years are expected to be the peak for these royalties, with Taiwan potentially earning
STAY IN YOUR LANE: As the US and Israel attack Iran, the ministry has warned China not to overstep by including Taiwanese citizens in its evacuation orders The Ministry of Foreign Affairs (MOFA) yesterday rebuked a statement by China’s embassy in Israel that it would evacuate Taiwanese holders of Chinese travel documents from Israel amid the latter’s escalating conflict with Iran. Tensions have risen across the Middle East in the wake of US and Israeli airstrikes on Iran beginning Saturday. China subsequently issued an evacuation notice for its citizens. In a news release, the Chinese embassy in Israel said holders of “Taiwan compatriot permits (台胞證)” issued to Taiwanese nationals by Chinese authorities for travel to China — could register for evacuation to Egypt. In Taipei, the ministry yesterday said Taiwan
Taiwan is awaiting official notification from the US regarding the status of the Agreement on Reciprocal Trade (ART) after the US Supreme Court ruled US President Donald Trump's global tariffs unconstitutional. Speaking to reporters before a legislative hearing today, Premier Cho Jung-tai (卓榮泰) said that Taiwan's negotiation team remains focused on ensuring that the bilateral trade deal remains intact despite the legal challenge to Trump's tariff policy. "The US has pledged to notify its trade partners once the subsequent administrative and legal processes are finalized, and that certainly includes Taiwan," Cho said when asked about opposition parties’ doubts that the ART was
If China chose to invade Taiwan tomorrow, it would only have to sever three undersea fiber-optic cable clusters to cause a data blackout, Jason Hsu (許毓仁), a senior fellow at the Hudson Institute and former Chinese Nationalist Party (KMT) legislator, told a US security panel yesterday. In a Taiwan contingency, cable disruption would be one of the earliest preinvasion actions and the signal that escalation had begun, he said, adding that Taiwan’s current cable repair capabilities are insufficient. The US-China Economic and Security Review Commission (USCC) yesterday held a hearing on US-China Competition Under the Sea, with Hsu speaking on
RSS