Chinese hackers have stepped up attacks on Taiwanese organizations, cybersecurity firm says

Microsoft

Chinese hackers have stepped up attacks on Taiwanese organizations, cybersecurity firm says

A cybersecurity intelligence company says a suspected Chinese state-sponsored hacking group has intensified attacks on Taiwanese organizations, particularly those in sectors such as the government, education and technology

ByZEN SOO AP technology writer

June 24, 2024, 12:03 AM

    HONG KONG -- A suspected Chinese state-sponsored hacking group has stepped up its targeting of Taiwanese organizations, particularly those in sectors such as government, education, technology and diplomacy, according to cybersecurity intelligence company Recorded Future.

    In recent years, relations between China and Taiwan, a self-governed island across the Taiwan Strait that Beijing claims as its territory, have deteriorated. The cyberattacks by the group known as RedJulliett were observed between November 2023 and April 2024, during the lead up to Taiwan's presidential elections in January and the subsequent change in administration.

    RedJuliett has targeted Taiwanese organizations in the past, but this is the first time that activity was seen at such a scale, a Recorded Future analyst said, speaking on condition of anonymity out of safety concerns.

    The report said RedJuliett attacked 24 organizations, including government agencies in places like Laos, Kenya and Rwanda, as well as Taiwan.

    It also hacked into websites of religious organizations in Hong Kong and South Korea, a U.S university and a Djiboutian university. The report did not identify the organizations.

    Recorded Future said RedJuliett accessed the servers of those places via a vulnerability in their SoftEther enterprise virtual private network (VPN) software, an open-source VPN that allows remote connections to an organization’s networks.

    RedJuliett has been observed attempting to break into systems of more than 70 Taiwanese organizations including three universities, an optoelectronics company and a facial recognition company that has contracts with the government.

    It was unclear if RedJuliett managed to break into those organizations: Recorded Future only said it observed the attempts to identify vulnerabilities in their networks.

    RedJuliett's hacking patterns match those of Chinese state-sponsored groups, according to Recorded Future.

    It said that based on the geolocations of IP addresses, RedJulliett is likely based out of the city of Fuzhou, in China’s southern Fujian province, whose coast faces Taiwan.

    “Given the close geographical proximity between Fuzhou and Taiwan, Chinese intelligence services operating in Fuzhou are likely tasked with intelligence collection against Taiwanese targets,” the report said.

    “RedJuliett is likely targeting Taiwan to collect intelligence and support Beijing’s policy-making on cross-strait relations,” the Recorded Future report said.

    Taiwan’s Ministry of Foreign Affairs and China’s foreign ministry did not immediately comment.

    Microsoft reported in August last year that RedJuliett, which Microsoft tracks under the name Flax Typhoon, was targeting Taiwanese organizations.

    China has in recent years stepped up military drills around Taiwan and imposed economic and diplomatic pressure on the island.

    Relations between Taiwan and Beijing worsened further after the election in January of Taiwan's new president Lai Ching-te, who China has deemed a “separatist," after he said in his inauguration speech that Taiwan and China were not subordinate to each other. Like his predecessor Tsai Ing-wen, Lai has said that there is no need to declare Taiwanese independence because it is already an independent sovereign state.

    Like many other countries including the U.S., China has been known to engage in cyberespionage. Earlier this year, the U.S. and Britain accused China of a sweeping cyberespionage campaign that allegedly hit millions of people.

    Beijing has consistently denied engaging in any form of state-sponsored hacking, instead saying that China itself is a major target of cyberattacks.

    According to Recorded Future, Chinese state-sponsored groups will likely continue to target Taiwanese government agencies, universities and critical technology companies via “public-facing” devices such as open-source VPN software, which provide limited visibility and logging capabilities.

    Companies and organizations can best protect themselves by prioritizing and patching vulnerabilities once they become known, Recorded Future’s threat intelligence analyst said.

    ___

    Link to the report: : https://www.recordedfuture.com/redjuliett-intensifies-taiwanese-cyber-espionage-via-network-perimeter

    OTHER NEWS

    11 minutes ago

    Tunisian President Kais Saied to seek reelection in October after tumultuous first term

    11 minutes ago

    Starbucks shares update on mobile ordering, system issues due to CrowdStrike outage

    11 minutes ago

    Ravens sign former Bears S Eddie Jackson, 2-time Pro Bowler

    11 minutes ago

    Postal worker fatally shot in front of Chicago residence: Officials

    11 minutes ago

    Stephen Michael B: Search for missing Brit who vanished in Spanish mountains extended to rugged terrain

    11 minutes ago

    Passenger receives handwritten boarding pass during Microsoft outage

    11 minutes ago

    Rory McIlroy says he was beaten by wind at Troon as hunt for fifth major goes on

    11 minutes ago

    Dan Brown making a name for himself at British Open as a leader at Royal Troon

    11 minutes ago

    Mel B receives honorary doctorate in special Scary Spice gown

    11 minutes ago

    Hit Netflix drama series The Witcher filming criticised by Chris Packham wildlife organisation

    11 minutes ago

    ATP roundup: Rafael Nadal wins 4-hour match to advance to Bastad semis

    15 minutes ago

    From fierce political rivals to space exploration, check out these new podcasts

    15 minutes ago

    'We're inside the 10-yard line': Secretary of state on an Israel-Hamas ceasefire deal

    16 minutes ago

    Video:

    16 minutes ago

    Video: Microsoft outage travel chaos continues: Hundreds of frustrated travellers packed into Euston station with nowhere to go on day of disorder that saw more than 100 planes grounded and passengers stranded on hottest day of the year

    16 minutes ago

    Video: Lady Deadpool's full look is revealed in Deadpool & Wolverine's final trailer - featuring a surprise cameo from Dafne Keen as X23 alongside Hugh Jackman

    16 minutes ago

    Video: Nail expert reveals the gel polish 'red flags' to look out for during your next manicure

    17 minutes ago

    Ryanair wins US screen-scraping case against Booking.com

    17 minutes ago

    Video: Eerie Google Street View image offers haunting clue to disappearance of California woman, 25, who vanished in 2022

    17 minutes ago

    Former TLC star Jana Duggar gives a rare glimpse inside her tiny home - as she reveals she has finally MOVED OUT of her parents' house at 34

    17 minutes ago

    Guardians agree to contract with No. 1 overall pick Travis Bazzana

    17 minutes ago

    Phony priest who allegedly robbed NYC church linked to heists at houses of worship across the country: sources

    17 minutes ago

    Packers need elite seasons from several elite-tier players in 2024

    17 minutes ago

    Packers host workout for QB Jake Fromm before training camp

    17 minutes ago

    IRS Proposes New RMD Regulations: Impact on Retirement Planning

    17 minutes ago

    Christina Hall Was Actually UNDER Budget on Her Latest Reno—Here's How

    17 minutes ago

    Airlines may owe you for your flight chaos. Here's what to know.

    17 minutes ago

    Florida resident sounds off on high cost of living: 'It doesn't make sense anymore'

    17 minutes ago

    Numbers say Jaiswal-Abhishek better than Jaiswal-Gill in T20s

    17 minutes ago

    Open Championship Leader Facing Backlash Following Hot-Mic Incident with Photographer

    17 minutes ago

    Lakers reportedly expected to add Beau Levesque to coaching staff

    17 minutes ago

    Yuki Tsunoda loses temper with engineer in unheard FP2 radio message

    17 minutes ago

    ‘Oddity' Director Damian McCarthy Created a Festival Favorite by Collecting a Treasure Trove of Haunted Items - Including a Terrifying Wooden Man

    17 minutes ago

    Athol Trollip takes a swipe at MK Party MP Des Van Rooyen

    17 minutes ago

    Are New York Knicks 'Power-Ranked' Too Low On NBA List?

    17 minutes ago

    Colts' training camp preview: Who are the newcomers on the roster?

    17 minutes ago

    Powerball Results for Friday 19 July 2024

    17 minutes ago

    Cheng Pei-pei, martial arts icon who starred in “Crouching Tiger, Hidden Dragon,” dies at 78

    17 minutes ago

    IT outage 'causing disruption in majority of GP practices' in England

    17 minutes ago

    Sergio Perez responds to Yuki Tsunoda statement of intent as Red Bull rumours intensify

    ALONGWALKER VIETNAM: Kênh khám phá trải nghiệm của giới trẻ, thế giới du lịch ALONGWALKER INDONESIA: Saluran untuk mengeksplorasi pengalaman para pemuda global