Hacking group RedJuliett compromised two dozen organisations in Taiwan and elsewhere, report says.
A suspected China-backed hacking outfit has intensified attacks on organisations in Taiwan as part of Beijing’s intelligence-gathering activities on the self-governing island, a cybersecurity firm has said.
The hacking group, RedJuliett, compromised two dozen organisations between November 2023 and April of this year, likely in support of intelligence collection on Taiwan’s diplomatic relations and technological development, Recorded Future said in a report released on Monday.
RedJuliett exploited vulnerabilities in internet-facing appliances, such as firewalls and virtual private networks (VPNs), to compromise its targets, which included tech firms, government agencies and universities, the United States-based cybersecurity firm said.
RedJuliett also conducted “network reconnaissance or attempted exploitation” against more than 70 Taiwanese organisations, including multiple de facto embassies, according to the firm.
“Within Taiwan, we observed RedJuliett heavily target the technology industry, including organisations in critical technology fields. RedJuliett conducted vulnerability scanning or attempted exploitation against a semiconductor company and two Taiwanese aerospace companies that have contracts with the Taiwanese military,” Recorded Future said in its report.
“The group also targeted eight electronics manufacturers, two universities focused on technology, an industrial embedded systems company, a technology-focused research and development institute, and seven computing industry associations.”
While nearly two-thirds of the targets were in Taiwan, the group also compromised organisations elsewhere, including religious organisations in Taiwan, Hong Kong, and South Korea and a university in Djibouti.
Recorded Future said it expected Chinese state-sponsored hackers to continue targeting Taiwan for intelligence-gathering activities.
“We also anticipate that Chinese state-sponsored groups will continue to focus on conducting reconnaissance against and exploiting public-facing devices, as this has proved a successful tactic in scaling initial access against a wide range of global targets,” the cybersecurity firm said.
China’s Ministry of Foreign Affairs and its embassy in Washington, DC did not immediately respond to requests for comment.
Beijing has previously denied engaging in cyber-espionage – a practice carried out by governments worldwide – instead casting itself as a regular victim of cyberattacks.
China claims democratically ruled Taiwan as part of its territory, although the Chinese Communist Party has never exerted control over the island.
Relations between Beijing and Taipei have deteriorated as Taiwan’s ruling Democratic Progressive Party has sought to boost the island’s profile on the international stage.
On Monday, Taiwanese President William Lai Ching-te hit out at Beijing after it issued legal guidelines threatening the death penalty for those who advocate Taiwanese independence.
“I want to stress, democracy is not a crime; it’s autocracy that is the real evil,” Lai told reporters.
Lai, whom Beijing has branded a “separatist”, has said there is no need to formally declare independence for Taiwan because it is already an independent sovereign state.