News Roundup: July 16-31, 2024
Bite-sized news and updates on the latest in Taiwan cybersecurity
Taiwan and Czech Republic Strengthen Cybersecurity Collaboration
July 16, 2024
In a bid to bolster international collaboration in cybersecurity research and development, the Taiwan Academic Cybersecurity Center (TACC) Project Office facilitated an academic exchange between Taiwanese researchers and representatives from Brno University of Technology (BUT) in the Czech Republic. Held in mid-May, this exchange aimed to enhance the impact and competitiveness of Taiwan's cybersecurity research on the global stage. Seventeen members from the TACC project team and three representatives from BUT engaged in detailed discussions, sharing key research areas, findings, and experiences, while also exploring potential future collaboration opportunities. This initiative underscores Taiwan's commitment to fostering robust international partnerships in cybersecurity.
APT41 Targets Taiwanese Organizations in Sustained Cyber Espionage Campaign
July 19, 2024
The China-based hacking group APT41 has launched a "sustained campaign" targeting various sectors in Taiwan, including global shipping and logistics, media and entertainment, technology, and automotive industries. Since 2023, APT41 has infiltrated and maintained unauthorized access to numerous networks, extracting sensitive data over an extended period. The group utilizes sophisticated tools such as web shells (ANTSWORD and BLUEBEAM), custom droppers (DUSTPAN and DUSTTRAP), and publicly available tools (SQLULDR2 and PINEGROVE) to persist in networks and exfiltrate valuable data. These activities are notable for their use of non-public malware typically reserved for espionage, highlighting the unique threat APT41 poses to Taiwan's cybersecurity landscape.
Cisco Partners with Taiwan to Boost Cybersecurity and Innovation
July 23, 2024
Taiwan is reinforcing its commitment to innovation and cybersecurity through a strengthened partnership with Cisco, as part of the Taiwan Digital Acceleration (TDA) 3.0 initiative. Announced last month, TDA 3.0 aims to enhance Taiwan's cyber resilience, sustainability, and AI capabilities. The initiative brings together government, academia, and local industry to leverage Cisco's expertise in networking and security, including the establishment of a new Taiwan Cybersecurity Center in Taipei. This center will combine cutting-edge research, innovation, and skills training to address next-generation cyber threats and support Taiwan's strategic importance as a global supplier of silicon chips. Vice President Bi-khim Hsiao emphasized the importance of this partnership, expressing gratitude for Cisco's ongoing support and collaboration with Taiwan's public and private sectors. TDA 3.0 also focuses on AI-driven smart-city projects, modernizing transportation, achieving net-zero carbon emissions by 2050, and digitizing Taiwan’s ports, underscoring the multifaceted approach to Taiwan's digital transformation. Cisco’s commitment to Taiwan extends beyond technology, aiming to drive economic prosperity and solidify Taiwan's position as a global digital leader.
Chinese Hackers Deploy New Macma macOS Backdoor in Attacks on Taiwan
July 23, 2024
The Chinese hacking group Evasive Panda, also known as Daggerfly or Bronze Highland, has deployed new versions of the Macma macOS backdoor in cyber espionage campaigns targeting organizations in Taiwan. Symantec's threat hunting team identified these attacks, which also affected an American NGO in China. Evasive Panda exploited a flaw in an Apache HTTP server to deliver a new version of their MgBot malware framework, highlighting their continuous efforts to refresh tools and evade detection. The Macma backdoor, first documented by Google in 2021, has been updated with new functionalities, including enhanced file system listing and audio recording features. This sophisticated malware framework is part of a broader toolkit used by Evasive Panda to target major operating systems like Windows, Linux, macOS, and Android, posing a significant threat to Taiwan's cybersecurity landscape.
Taiwanese Electronics Giant LITEON Hit by RansomEXX Ransomware Attack
July 26, 2024
On July 26th, 2024, Taiwanese electronics leader LITEON Technology Corporation reportedly suffered a ransomware attack by the RansomEXX gang, which posted a 142.7GB dataset on their DarkNet leak site claiming it belonged to LITEON. Headquartered in Taipei, LITEON is a global powerhouse in LED lighting, optoelectronics, automotive electronics, semiconductors, and power management modules, with an annual revenue of NT$148.3 billion (USD$4.52 billion). This incident underscores the persistent and evolving threat of ransomware attacks on major corporations. RansomEXX, known for its "double extortion" tactics, targets both Windows and Linux systems, encrypting files and demanding a ransom while threatening to publish stolen data.
Dark Web Access Sale Targets Major Taiwanese Food Company
July 29, 2024
A threat actor on a dark web forum claims to have obtained Forinet VPN access to a prominent Taiwanese food company with over $19 billion in revenue. This access is being offered for sale at $2,000, raising significant cybersecurity concerns for the company and highlighting the ongoing threat posed by cybercriminal activities targeting high-revenue businesses in Taiwan. The sale of such access underscores the urgent need for enhanced security measures to protect sensitive corporate networks from unauthorized intrusion and potential exploitation.
Read more about dark web sales in the Data Breach at Chunghwa Telecom.
PyCon Taiwan 2024: Announcing Accepted Proposals Across Diverse Categories
July 30, 2024
PyCon Taiwan has announced the accepted proposals for its 2024 conference, featuring the following categories: "Embedded Systems," "Applications," "Information Security," "Testing," "Project Build Tools," "Fintech," and "Gaming." Scheduled for September 21-22, PyCon Taiwan 2024 aims to unite Python enthusiasts from across the nation, fostering an environment for sharing experiences and discussing the latest technological advancements. This annual event, part of the global Python community, is locally organized and serves as a platform for Taiwanese developers to engage in vibrant discussions and showcase their contributions to the field.
CyCraft Wins 2024 Taiwan AI Award for Cybersecurity Innovation
July 31, 2024
CyCraft Technology has been honored with the prestigious 2024 Taiwan AI Award, highlighting its groundbreaking integration of AI and cybersecurity. This accolade underscores CyCraft's leadership in the industry, particularly through its autonomous threat exposure management platform, XCockpit. Designed to excel in enterprise attack surface management, XCockpit leverages advanced AI to anticipate potential threats, summarize attack incidents, and enhance team collaboration. This innovative approach not only sets new industry standards but also addresses workforce shortages, solidifying CyCraft's role in safeguarding Taiwan's digital landscape against emerging cybersecurity challenges.
Taiwan Strengthens Drone Regulations for Enhanced Safety and Security
July 31, 2024
Taiwan is set to implement comprehensive regulations on remote-controlled drones by the end of 2027, as announced by the Transport and Communications Ministry’s Civil Aeronautics Administration (CAA). With over 40,000 registered drones and 20,000 qualified operators as of June, the CAA aims to address the evolving drone technology landscape, which includes both larger, high-flying drones and smaller, sophisticated models. Starting December 2024, all drones sold in Taiwan must meet new cybersecurity and inspection requirements. Additionally, domestic manufacturers will need a factory registration certificate, and pre-existing drones must comply upon renewal of their inspection certificates. By December 2027, only certified and registered drones will be permitted for organizational activities. The regulations also lower the minimum age for a student remote pilot license from 16 to 14 and extend the validity of operating licenses from two to three years, ensuring robust oversight and fostering drone literacy among younger users.
Read more about how Taiwan’s Cybersecurity Revolution Protects the Internet of Things (IoT).
CyberSec Taiwan
About CyberSec Taiwan
Your source for the latest news and analysis on Taiwan-centric cybersecurity.