Taiwan a regular target of cyber espionage

28 Nov 2016

Taiwan has been a regular target of cyber espionage threat actors for a number of years.

That’s according to Palo Alto Networks, a cyber security firm that says Taiwan is being targeted because of its emerging economy and growth.

In early August, Unit 42 identified two attacks using similar techniques. The firm found that the more interesting of the two was a targeted attack on the Secretary General of Taiwan’s Government office – Executive Yuan.

The Executive Yuan Council evaluates statutory and budgetary bills and bills concerning martial law, amnesty, declaration of war, conclusion of peace and treaties, and other important affairs.

The second attack was against an energy sector company also located in Taiwan.

All attacks in this case are associated with a campaign called Tropic Trooper, which has been active since at least 2011 and is known for heavily targeting Taiwan.

According to Palo Alto, one of the attacks used the group's known Yahoyah malware, while the other deployed the widely available Poison Ivy RAT.

Further analysis uncovered a handful of ties indicating the actors may also be using the PCShare malware family, which has not been previously tied to the group.

“As we have noted in many earlier reports, attackers commonly use decoy files to trick victims into thinking a malicious document is actually legitimate,” Palo Alto reported.

“After infecting the computer, they display a clean document to the victim that contains content that is relevant to them.”
