Hackers known as the Winnti Group were behind ransomware attacks on Taiwan’s two largest fuel suppliers, the Ministry of Justice Investigation Bureau said on Friday, adding that similar attacks on 10 domestic companies are likely in the next few days.
On May 4, state-run CPC Corp, Taiwan announced that its computer system had been infected with ransomware, causing payment issues at gas stations.
Formosa Petrochemical Corp reported similar issues the following day, and shut down its computer systems.
Powertech Technology Inc, a Hsinchu-based semiconductor firm, also reported a ransomware attack on May 5.
The bureau said that the Winnti Group, which is believed to be from China, likely had access to the firms’ computer systems for months before it carried out the attacks.
Liu Chia-jung (劉家榮), deputy director of the bureau’s Information Security Workstation, said that the hackers gained access to the companies’ Active Directory — a service for managing computers and other devices within a network — and used its task scheduling function to distribute the ransomware throughout each company’s computer network.
When employees’ computers tried to access the network at the start of the work day, a message appeared stating that their files had been encrypted and demanding a ransom of US$3,000 to unlock them, Liu said.
The bureau has asked international authorities investigating six German and Swiss e-mail accounts believed to be connected to the crimes for help, Liu said.
It has also asked US authorities to investigate a US-based company from which the group rented a virtual private server.
The bureau said it had information that the hackers planned to carry out similar attacks on 10 other Taiwanese companies in the next few days, but added that it did not know which are being targeted.
The bureau said that it has advised companies on several steps they could take to improve their digital security.
CPC, which local media reported was suffering computer issues again on Thursday, released a statement on Friday blaming the issue on an operational error, and said that it had strengthened its information security procedures following the May 4 attack.
REPORT: Taipei has expressed an interest in obtaining loitering munitions matching the AeroVironment Switchblade 300 or the Anduril Altius-600, ‘Foreign Policy’ said Taiwan is seeking US-made kamikaze drones in an apparent concession to pressure from Washington to focus on asymmetric capabilities to defeat or deter a Chinese attack, Foreign Policy said in a report on Wednesday. Taipei has expressed an interest in obtaining AeroVironment Switchblade loitering munitions or other devices with similar capabilities, it said, citing four sources familiar with the matter commenting on condition of anonymity. The Switchblade 300 is a tube-launched drone designed for attacking ground troops, while its larger sibling, the Switchblade 600, could be used to destroy tanks and entrenched troops. Ukraine has utilized both systems extensively in its fight against
Police officers yesterday morning apprehended the prime suspect of a triple homicide case, after raiding the suspect’s hideout in Taichung. They transported the suspect to New Taipei City for questioning and recorded his statement last night. The suspect, identified as a 24-year-old man surnamed Chang (張), is believed to have used his hands to strangle his wife, surnamed Chen (陳), 29, along with his three-year-old son from a previous marriage and his wife’s mother, 69. The three dead bodies were wrapped in blankets when they were discovered inside their apartment in New Taipei City’s Sanchong District (三重) on Saturday. Chang was holding a
Hungarian Member of Parliament Tompos Marton said he considers Taiwan to be a better alternative to China as a strategic partner. Marton, who is the vice president of the opposition Momentum Party, made the remarks in an interview with the Central News Agency on Sunday. He draped a Republic of China flag across his shoulders to protest Chinese President Xi Jinping’s (習近平) visit to the capital city, Budapest, on Thursday last week, and openly voiced support for Taiwan on social media. He said in the interview that he wanted to remind the world that there were alternatives to China, and that “Taiwan has
A female physician at New Taipei City’s Shuang Ho Hospital was bullied and made to work for 32 consecutive hours by a senior colleague while pregnant before later having a miscarriage, an internal investigation found, the hospital said on Monday. The perpetrator has been removed from his post, the hospital said. The attending physician in the hospital’s Medical Imaging Department, identified by the pseudonym Y, earlier on Monday told reporters that she had been bullied by a male senior colleague who arranged shifts in her department. In January, shortly after she became pregnant, Y asked the department director if she could avoid overnight