Taiwan Research Institute Details
Taiwan Research Institute
• 200 employees • Energy and Utilities
Taiwan
Industry
Energy and Utilities
Security Incidents
1
The Taiwan Research Institute (TRI) was established in 1994 as a privately funded non-profit organization and a non-partisan specialized think tank. It consists of five research divisions, five research centers, and a consult committee. TRI focuses on a range of research topics, primarily energy policy, electricity management, environmental policy, renewable energy development, and greenhouse gas emissions reduction policy.
Security Incidents
Taiwan Research Institute Breach of Jul 2022
Severity Score
Significant to High
Type
Malware Attack
Summary
In July 2023, a Taiwan-based government-affiliated research institute specializing in advanced computing was compromised by the China-linked hacking group APT41. The breach involved the deployment of various sophisticated malware tools, including the ShadowPad remote access trojan (RAT), the Cobalt Strike post-compromise tool, and a custom loader exploiting a 2018 Windows remote code execution vulnerability (CVE-2018-0824). The attackers used ShadowPad to execute a series of reconnaissance commands to map out the network, collect data on hosts, and identify other exploitable systems. They har...
Severity
APT41, a well-known Chinese state-sponsored hacking group, compromised a government-affiliated research institute in Taiwan, specializing in advanced computing. They exfiltrated sensitive documents, harvested credentials using tools like Mimikatz and WebBrowserPassView, and employed advanced evasion techniques such as steganography and loader customization. This incident is significant due to the strategic importance of the targeted research, the high skill level demonstrated by the attackers, and the potential for further attacks leveraging the stolen data. The severity of this incident is r...
Impact
The attackers managed to steal some sensitive documents from three compromised systems, highlighting a significant breach of internal data and intellectual property. Additionally, through advanced tactics such as deploying custom loaders and exploiting known vulnerabilities, the attackers were able to navigate the institute's network, harvest credentials, and maintain persistence without immediate detection.