CYBERSEC 2022 uses cookies to provide you with the best user experience possible. By continuing to use this site, you agree to the terms in our Privacy Policy. I Agree
Technology powers everything in our lives from our personal day-to-day lives to the day-to-day operations of the world’s largest industries and enterprises. Supply chain attacks pose grave risk as their impact is far more reaching and their damage far more severe than ever before.
In Nov 2021, it was reported that several well-known securities firms—as well as Taiwan’s greater financial sector—were targeted by credential stuffing attacks. However, an in-depth digital forensic investigation and detailed malware analysis by CyCraft concluded that the China-sponsored threat group APT10 had launched this series of sophisticated intrusions by exploiting one supply chain vulnerability, affecting multiple Taiwan institutions across the financial sector.
In this talk, we will share our forensic investigation results into this novel attack, including analyses of the leveraged tools, attack techniques, and malware. We will also discuss what this new attack behavior in China-state threat groups means for Taiwan, our financial institutions, and Taiwan’s cyber defense strategies against supply chain attacks.
Jeremy Chiu (aka Birdman) graduated from National Central University and obtained a master's degree in Computer Science and Engineering from Tatung University. He's the founder and Chief Technology Officer (CTO) of CyCraft Technology and serves as a consultant for Hacks In Taiwan Conference (HITCON). As an expert in cybersecurity technologies, he has more than 15 years of relevant research experience. With a talent to impart knowledge of cybersecurity through lively and interesting lectures, Birdman frequently publishes his research at major cybersecurity conferences every year both domestically (e.g., HITCON and iThome) and internationally (e.g., US-based Black Hat). In addition, Birdman is a renowned entrepreneur in Taiwan's cybersecurity industry. Along with Benson Wu in 2011, he co-founded Taiwan's first company to specialize in the development of APT defense products. In 2014, the company was acquired and affirmed by an Israeli cybersecurity company listed on the U.S. NASDAQ.
CyCraft Technology, a newly founded startup by Birdman, focuses on integrating artificial intelligence research with cybersecurity technologies. Specifically, the main research focus of CyCraft Technology is the development of automatic analysis systems, analyses of hacker activities, malware analyses, and machine learning algorithms. Moreover, multiple specialist studies on cybersecurity have been published by CyCraft at global seminars, such as Black Hat, DEFCON, SyScan, HITCON, FIRST, AVTokyo, HTICA, and OWASP Asia.