A cybersecurity firm has reported that a suspected hacking group supported by China has intensified its attacks on organizations in Taiwan, as part of Beijing’s efforts to gather intelligence on the self-governing island. Recorded Future disclosed that between November 2023 and April of this year, the group known as RedJuliett compromised approximately two dozen entities, targeting sectors crucial for Taiwan’s diplomatic relations and technological advancements.
The group exploited vulnerabilities in internet-facing devices like firewalls and VPNs to breach its targets, which included technology companies, government agencies, and universities, according to the US-based firm. Recorded Future’s report revealed that RedJuliett also conducted reconnaissance activities against over 70 Taiwanese organizations, including de facto embassies.
Specifically, the hacking group targeted Taiwan’s technology industry heavily, including critical sectors like semiconductor and aerospace companies with ties to the military. Their scope extended to electronics manufacturers, technology-focused universities, and various associations within the computing industry.
While the majority of their targets were in Taiwan, RedJuliett also compromised organizations in other regions, such as religious institutions in Taiwan, Hong Kong, and South Korea and a university in Djibouti.
Recorded Future anticipated continued targeting of Taiwan by Chinese state-sponsored hackers for intelligence gathering, particularly focusing on exploiting vulnerabilities in public-facing devices. The cybersecurity firm highlighted that these tactics have proven successful in gaining initial access to a broad range of global targets.