0
0
0

481 Limestone Road, Oxford, PA 19363  *  Phone (610) 932-4484 *  Fax (610) 932-7324
  
  
 

 
Printable Page Headline News   Return to Menu - Page 1 2 3 5 6 7 8 13
 
 
Chinese Hackers Targeting Taiwan Firms 06/24 06:21

   

   HONG KONG (AP) -- A suspected Chinese state-sponsored hacking group has 
stepped up its targeting of Taiwanese organizations, particularly those in 
sectors such as government, education, technology and diplomacy, according to 
cybersecurity intelligence company Recorded Future.

   In recent years, relations between China and Taiwan, a self-governed island 
across the Taiwan Strait that Beijing claims as its territory, have 
deteriorated. The cyberattacks by the group known as RedJulliett were observed 
between November 2023 and April 2024, during the lead up to Taiwan's 
presidential elections in January and the subsequent change in administration.

   RedJuliett has targeted Taiwanese organizations in the past, but this is the 
first time that activity was seen at such a scale, a Recorded Future analyst 
said, speaking on condition of anonymity out of safety concerns.

   The report said RedJuliett attacked 24 organizations, including government 
agencies in places like Laos, Kenya and Rwanda, as well as Taiwan.

   It also hacked into websites of religious organizations in Hong Kong and 
South Korea, a U.S university and a Djiboutian university. The report did not 
identify the organizations.

   Recorded Future said RedJuliett accessed the servers of those places via a 
vulnerability in their SoftEther enterprise virtual private network (VPN) 
software, an open-source VPN that allows remote connections to an 
organization's networks.

   RedJuliett has been observed attempting to break into systems of more than 
70 Taiwanese organizations including three universities, an optoelectronics 
company and a facial recognition company that has contracts with the government.

   It was unclear if RedJuliett managed to break into those organizations: 
Recorded Future only said it observed the attempts to identify vulnerabilities 
in their networks.

   RedJuliett's hacking patterns match those of Chinese state-sponsored groups, 
according to Recorded Future.

   It said that based on the geolocations of IP addresses, RedJulliett is 
likely based out of the city of Fuzhou, in China's southern Fujian province, 
whose coast faces Taiwan.

   "Given the close geographical proximity between Fuzhou and Taiwan, Chinese 
intelligence services operating in Fuzhou are likely tasked with intelligence 
collection against Taiwanese targets," the report said.

   "RedJuliett is likely targeting Taiwan to collect intelligence and support 
Beijing's policy-making on cross-strait relations," the Recorded Future report 
said.

   Taiwan's Ministry of Foreign Affairs did not immediately comment.

   A Chinese Foreign Ministry spokesperson dismissed the allegations.

   "I don't know the specifics of what you mentioned, but I can tell you that 
it's not the first time the company you mentioned has fabricated disinformation 
on so-called Chinese hacking operations. There is absolutely no professionalism 
or credibility to speak of in what the company does," the spokesperson, Mao 
Ning, said.

   Microsoft reported in August last year that RedJuliett, which Microsoft 
tracks under the name Flax Typhoon, was targeting Taiwanese organizations.

   China has in recent years stepped up military drills around Taiwan and 
imposed economic and diplomatic pressure on the island.

   Relations between Taiwan and Beijing worsened further after the election in 
January of Taiwan's new president Lai Ching-te, who China has deemed a 
"separatist," after he said in his inauguration speech that Taiwan and China 
were not subordinate to each other. Like his predecessor Tsai Ing-wen, Lai has 
said that there is no need to declare Taiwanese independence because it is 
already an independent sovereign state.

   Like many other countries including the U.S., China has been known to engage 
in cyberespionage. Earlier this year, the U.S. and Britain accused China of a 
sweeping cyberespionage campaign that allegedly hit millions of people.

   Beijing has consistently denied engaging in any form of state-sponsored 
hacking, instead saying that China itself is a major target of cyberattacks.

   According to Recorded Future, Chinese state-sponsored groups will likely 
continue to target Taiwanese government agencies, universities and critical 
technology companies via "public-facing" devices such as open-source VPN 
software, which provide limited visibility and logging capabilities.

   Companies and organizations can best protect themselves by prioritizing and 
patching vulnerabilities once they become known, Recorded Future's threat 
intelligence analyst said.

 
Copyright DTN. All rights reserved. Disclaimer.
Powered By DTN