Hacking group RedJuliett has reportedly compromised more than 20 organizations in Taiwan and elsewhere.
A cybersecurity firm said a group of hackers believed to be China-backed has stepped up attacks on Taiwanese organizations as part of Beijing’s intelligence-gathering efforts in the autonomous region.
A report released Monday by Recorded Future said hacking group Red Juliet infiltrated 24 organisations between November 2023 and April this year and may have used them to gather intelligence on Taiwan’s diplomatic relations and technological developments.
According to the US-based cybersecurity firm, Red Juliet exploited vulnerabilities in internet-connected devices such as firewalls and virtual private networks (VPNs) to compromise targets including tech companies, government agencies and universities.
The company said Red Juliet also conducted “network reconnaissance or exploitation attempts” against more than 70 Taiwanese organizations, including several de facto embassies.
“In Taiwan, RedJuliett has been observed to focus on the technology industry, including organizations in critical technology sectors, conducting vulnerability scans and exploit attempts against a semiconductor company and two Taiwanese aerospace companies that have contracts with the Taiwanese military,” Recorded Future said in the report.
“The group also targeted eight electronics manufacturers, two technology-focused universities, one industrial embedded systems company, one technology-focused research and development organization, and seven computing industry associations.”
About two-thirds of the targets were in Taiwan, but the group also compromised organizations elsewhere in the region, including religious organizations in Taiwan, Hong Kong and South Korea, and a university in Djibouti.
Recorded Future said it expects Chinese state-backed hackers will continue to target Taiwan for intelligence gathering operations.
“We expect Chinese state-sponsored groups will continue to focus on reconnaissance and exploitation of public-facing devices, as this has proven to be a successful tactic in expanding initial access to a variety of targets around the world,” the cybersecurity firm said.
China’s Foreign Ministry and the Chinese Embassy in Washington, D.C. did not immediately respond to requests for comment.
Beijing has previously denied any involvement in cyber espionage carried out by governments around the world, instead portraying itself as a regular victim of cyber attacks.
China claims Taiwan as its own territory and is democratically governed, but the Chinese Communist Party has never ruled the island.
Relations between Beijing and Taipei have deteriorated as Taiwan’s ruling Democratic Progressive Party seeks to raise Taiwan’s profile on the international stage.
Taiwan’s President Lai Ching-te on Monday slammed Beijing for issuing legal guidelines warning of the death penalty for anyone who advocates Taiwanese independence.
“I want to emphasize that democracy is not a crime. The real evil is dictatorship,” Lai told reporters.
Lai, whom Beijing denounces as a “separatist,” says Taiwan is already an independent sovereign nation and does not need to formally declare independence.
