Taiwan’s state-owned energy company suffers ransomware attack

In energy-import-dependent Taiwan, the CPC Corp. is a high-value target.

Ransomware has struck the computer systems of Taiwan’s state-owned energy company, CPC Corp., according to local media and private forensic reports reviewed by CyberScoop.

CPC Corp., an important national asset responsible for delivering oil products and importing liquefied natural gas (LNG), said Tuesday that, after hackers attacked its IT network, the company had restored some of it computers and servers. Although the attack didn’t affect the company’s energy production, it did disrupt some customers’ efforts to use CPC Corp.’s payment cards to purchase gas.

In Taiwan, CPC represents a high-value target for malicious hackers. Taiwan is heavily reliant on imports for its energy needs, and the company has invested in a number of offshore oil and gas projects.

CPC’s official statement did not mention ransomware, but private-sector reports obtained by CyberScoop shed more light on the incident.


Two of the malicious files used in the attack are detected as ransomware on VirusTotal, the public malware analysis repository, according to a private analysis shared with CyberScoop. The report, distributed to Taiwanese security professionals on Tuesday, refers to a cyberattack on a “state-owned enterprise.” A source familiar with the document, which included a screenshot of an apparent ransom note, said that enterprise is CPC.

On Tuesday, Trend Micro, a multinational cybersecurity company, also alluded to the incident in an alert to customers. The advisory, which referred to the same ransomware samples, warned Trend Micro customers of ongoing ransomware threats to Taiwanese companies and told them to seek help if they saw attempts to break into their systems.

Taiwanese authorities have yet to name a culprit in the attack on CPC.

After its website was down for much of Tuesday, CPC Corp. struck a defiant tone when it was finally able to post its statement online, pledging to “introduce a more rigorous security detection system.”

The U.S. government has previously tried to bolster the cybersecurity defenses of Taiwan, which China considers its territory. In November, the American Institute in Taiwan, the de-facto U.S. embassy on the island, sponsored a drill that simulated attacks on Taiwanese public and private organizations.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts