News Roundup: June 1-15, 2024
Bite-sized news and updates on the latest in Taiwan cybersecurity
Chungwa Telecom Targeted by Threat Actor Selling Unauthorized Access
June 3, 2024
A threat actor known as 303 claims to have unauthorized shell access to Chungwa Telecom, Taiwan's largest telecom company, and is selling it for $4,000, negotiable. They assert access to 910 GB of the company’s internal data. Chungwa Telecom, a key player in Taiwan’s telecommunications sector with a revenue of $7.2 billion, now faces significant cybersecurity concerns. The availability of this unauthorized access for purchase, with payments accepted in Bitcoin and Monero, highlights the persistent risks major corporations face from cybercriminal activities, raising alarms about the protection of sensitive data.
Taiwan's TeamT5 Wins Computex Best Choice Award for Anti-Ransomware Solution
June 4, 2024
TeamT5, a Taiwanese cybersecurity firm, has won the prestigious Computex Best Choice Award - Golden Award for its ThreatSonar Anti-Ransomware solution. The award was presented by Taiwan's President Lai Ching-te. ThreatSonar is an advanced Endpoint Detection and Response platform designed to combat advanced persistent threats (APTs) and ransomware by continuously predicting threats and monitoring abnormal behaviors. This recognition underscores Taiwan's leading role in cybersecurity innovation and its commitment to developing cutting-edge solutions to protect against sophisticated cyber threats.
Taiwan Supports Palau in Wake of Major Cyberattack
June 4, 2024
Taiwan has stepped up to assist Palau following a significant cyberattack that saw over 20,000 documents stolen from the Pacific island nation. Palau, one of the few countries recognizing Taiwan as an independent democracy, accused China of orchestrating the attack to strain their relationship and undermine Palau’s ties with the United States. The stolen data, which later appeared on the dark web, included sensitive information about U.S. radar installations and Japanese Navy ship visits, as well as numerous documents detailing the close relationship between Palau and Taiwan. Despite China's denial and claims from the ransomware group DragonForce that the attack was financially motivated, Palau's leaders insist the hack was politically driven. Taiwan, condemning the cyberattack, is aiding Palau in bolstering its cybersecurity through various initiatives, reaffirming their strong diplomatic bond and commitment to countering "authoritarian infiltration."
Taiwanese Manufacturer Clevo Hit by RansomHub Ransomware Attack
June 4, 2024
Clevo, a leading Taiwanese manufacturer of customizable gaming laptops and a subsidiary of Chicony Electronics, has been targeted by the RansomHub ransomware group. The attackers claim to have stolen 200GB of sensitive data, including manufacturing roadmaps, license agreements, and schematic drawings, and have encrypted Clevo's network and backups. RansomHub has given Clevo an eight-day deadline to negotiate and pay a ransom to avoid the public release of the stolen information. This incident underscores the vulnerabilities faced by Taiwanese tech companies in the cybersecurity landscape, highlighting the urgent need for robust protective measures against sophisticated ransomware threats. Clevo's critical role in the gaming industry and its partnerships with major technology firms make the implications of this breach particularly significant.
Cactus Ransomware Targets Taiwanese Networking Firm Connection Technology Systems
June 10, 2024
Connection Technology Systems Inc. (CTS), a Taiwanese leader in advanced networking solutions, has been named a victim by the Cactus ransomware group on their blog site. Since November 2023, Cactus has targeted vulnerable Qlik Sense servers, combining technical exploits with deceptive psychological tactics to complicate mitigation efforts. The attack on CTS, which occurred on June 11, 2024, resulted in a 93GB data breach, significantly disrupting the company's operations. CTS, headquartered in Taipei and serving over 350 customers globally, faced the ransomware group's sophisticated methods, which included disabling security tools and deploying custom encryption scripts. This incident highlights the critical need for robust cybersecurity defenses for companies operating in essential sectors such as telecommunications and manufacturing.
CyberSec Taiwan
About CyberSec Taiwan
Your source for the latest news and analysis on Taiwan-centric cybersecurity.