China-based hacking group 'Flax Typhoon' has targeted Taiwan's government agencies, according to Microsoft

Taipei (Taiwan) (AFP) - A China-based hacking group named “Flax Typhoon” has targeted dozens of Taiwanese government agencies with the likely aim of spying on them, Microsoft has revealed.

Taiwan has long accused China – which claims the self-ruled island as its territory – of espionage through cyberattacks on its government networks.

Microsoft said Thursday that Flax Typhoon, “a nation-state actor based out of China”, has since mid-2021 mainly “targeted government agencies and education, critical manufacturing, and information technology organizations in Taiwan”.

The activities observed suggest “the threat actor intends to perform espionage and maintain access to organizations across a broad range of industries for as long as possible,” the US tech giant said in a blog post.

“However, Microsoft has not observed Flax Typhoon act on final objectives in this campaign.”

China has long vowed to take Taiwan – by force if necessary – and has stepped up military and political pressure on the island.

In addition to government agencies, Microsoft said Flax Typhoon has also targeted “critical manufacturing and information technology organizations in Taiwan”.

The firm said outside of Taiwan, there were some Flax Typhoon “victims” in Southeast Asia, North America and Africa.

Last month, Microsoft said China-based hackers seeking intelligence had breached the email accounts of a number of US government agencies.

That hacking group – which Microsoft called Storm-0558 – primarily focuses on “espionage, data theft, and credential access”.

The company also warned this year that state-sponsored Chinese hackers had infiltrated critical US infrastructure networks, saying this was likely aimed at hampering the United States during a conflict.

Microsoft made particular mention of Guam, a US Pacific territory with a vital military base, as a target.

Authorities in Australia, Canada, New Zealand and Britain have also warned that Chinese hacking is likely taking place globally, affecting an extensive range of infrastructure.