China-backed hackers step up attacks on Taiwan, cybersecurity firm says | Cybersecurity

China-backed hackers step up attacks on Taiwan, cybersecurity firm says | Cybersecurity

The hacker group RedJuliett has reportedly compromised two dozen organizations in Taiwan and elsewhere.

A hacker group suspected of being backed by China has stepped up attacks on organizations in Taiwan as part of Beijing’s intelligence activities on the self-ruled island, according to a report by a cybersecurity firm.

The hacker group RedJuliett compromised two dozen organizations between November 2023 and April this year, likely to gather information about Taiwan’s diplomatic relations and technological development, Recorded Future reported on Monday.

RedJuliett exploited vulnerabilities in internet-connected devices such as firewalls and virtual private networks (VPNs) to compromise its targets, which included technology companies, government agencies and universities, the U.S.-based cybersecurity firm said.

RedJuliett also conducted “network reconnaissance or exploitation attempts” against more than 70 Taiwanese organizations, including several de facto embassies, according to the company.

“In Taiwan, we have observed RedJuliett heavily targeting the technology industry, including companies in critical technology fields. RedJuliett has conducted vulnerability scans at a semiconductor company and two Taiwanese aerospace companies that have contracts with the Taiwanese military,” the Recorded Future report said.

“The group also targeted eight electronics manufacturers, two technology-oriented universities, an industrial embedded systems company, a technology-oriented research and development institute, and seven computer industry associations.”

While nearly two-thirds of the targets were in Taiwan, the group also compromised organizations elsewhere, including religious organizations in Taiwan, Hong Kong and South Korea, as well as a university in Djibouti.

Recorded Future expects that Chinese state-sponsored hackers will continue to target Taiwan for intelligence gathering purposes.

“We also expect that Chinese state-sponsored groups will continue to focus on reconnaissance and exploitation of publicly available devices, as this has proven to be a successful tactic for gaining initial access to a wide range of global targets,” the cybersecurity firm said.

The Chinese Foreign Ministry and the Chinese Embassy in Washington, DC did not immediately respond to requests for comment.

Beijing has previously denied engaging in cyber espionage – a practice carried out by governments around the world – and instead portrayed itself as a regular victim of cyber attacks.

China claims democratically governed Taiwan as part of its territory, although the Chinese Communist Party has never exercised control over the island.

Relations between Beijing and Taipei have deteriorated as Taiwan’s ruling Democratic Progressive Party seeks to raise the island’s profile on the international stage.

On Monday, Taiwan’s President William Lai Ching-te attacked Beijing for passing laws threatening the death penalty for supporters of Taiwanese independence.

“I want to stress that democracy is not a crime. The real evil is autocracy,” Lai told reporters.

Lai, whom Beijing has labelled a “separatist”, said there was no need to officially declare Taiwan’s independence as the country was already an independent, sovereign state.