As Taiwan shapes its role as a global semiconductor powerhouse, a surge in cyberattacks from a China-linked hacker group named “RedJuliett” is putting its critical infrastructure under unprecedented threat, according to cybersecurity firm Recorded Future.
Researchers reveal that between November 2023 and April 2024, RedJuliett conducted over 75 cyber intrusions targeting Taiwanese entities. These included semiconductor manufacturers, universities, government agencies, and think tanks. The cyber-espionage campaign comes amid heightened cross-strait tensions, with Beijing increasingly asserting its claim over Taiwan.
Espionage Targets Taiwan’s Semiconductor Backbone
The primary focus of RedJuliett’s campaign appears to be Taiwan’s semiconductor industry, a sector crucial to global technology supply chains. According to researchers, the hackers exploited vulnerabilities in unpatched Microsoft Exchange servers and VPNs to breach networks and extract data.
RedJuliett also reportedly used phishing emails and compromised email accounts to infiltrate organisations. While some of the intrusion attempts were thwarted, many went undetected for weeks or months. Among the most affected were smaller semiconductor suppliers and academic institutions collaborating with chip manufacturers.
Although researchers could not confirm the full extent of the stolen data, they emphasised that the attack’s scope and focus strongly suggest a state-backed cyber-espionage operation intended to harvest sensitive commercial and strategic intelligence.
Links to Chinese Infrastructure Uncovered
Findings indicate that the hackers operated from Chinese IP addresses and used digital infrastructure consistent with earlier campaigns linked to China’s People’s Liberation Army (PLA). Moreover, domain registrations and online behaviour patterns were traced to individuals located in Fuzhou, China.
While the Chinese government has officially denied involvement in any state-sponsored hacking, experts argue that the sophistication of RedJuliett’s operations, including the targeting of cross-border policy think tanks and military research, aligns with China’s long-term strategic interests in absorbing Taiwan and dominating global chip production.
The Taiwanese government has yet to issue an official statement on the findings, but is expected to bolster cybersecurity defences across critical sectors. Recorded Future also warned that these operations are likely ongoing, urging all Taiwanese institutions to patch vulnerabilities and adopt stronger security protocols immediately.