New Delhi: A Chinese state-backed hacking group has in recent weeks targeted the IT systems of two Indian vaccine makers. The vaccine makers have played a vital role in India’s immunisation campaign, cyber intelligence firm ‘Cyfirma’ was quoted as saying by ‘Reuters’. Both India and China have sold or gifted COVID-19 vaccines to many countries. It should be stated here that India produces more than 60 per cent of all vaccines sold in the world. The COVID-19 vaccines manufactured in India have been sent to many countries including Brazil and Canada.
Goldman Sachs-backed ‘Cyfirma’ is based in Singapore and Tokyo. It said Chinese hacking group ‘APT10’, also known as ‘Stone Panda’ is targeting the Indian vaccine makers. The group has identified gaps and vulnerabilities in the IT infrastructure and supply chain software of Bharat Biotech and the Serum Institute of India (SII), the world’s largest vaccine maker.
“The real motivation here is actually exfiltrating intellectual property and getting competitive advantage over Indian pharmaceutical companies,” said ‘Cyfirma’ Chief Executive Kumar Ritesh. He is a former a top cyber official with British foreign intelligence agency MI6.
Also read: Massive power outage brings Mumbai to a halt
Ritesh said APT10 was actively targeting SII. The company is making the AstraZeneca vaccine for many countries. It will also soon start bulk-manufacturing Novavax shots.
“In the case of Serum Institute, they have found a number of their public servers running weak web servers. These are vulnerable web servers,” Ritesh said, referring to the hackers. “They have spoken about weak web application. They are also talking about weak content-management system. It’s quite alarming,” he added.
China’s foreign ministry did not reply to a request for comment. But responding to a question on whether Chinese hackers had a role in attacking India’s power grid which caused a blackout in Mumbai last year, the ministry said it was a staunch defender of cyber security.
“China firmly opposes and cracks down on all forms of cyber attacks,” its embassy in New Delhi said on Twitter. The embassy quoting the foreign ministry also said ‘speculation and fabrication have no role to play on the issue of cyber attacks’.
SII and Bharat Biotech declined to comment. The office of the director-general of the state-run Indian Computer Emergency Response Team (CERT) said the matter had been handed to its operations director, SS Sarma.
Cyfirma said in a statement it had informed CERT authorities and that they had acknowledged the threat. The US Department of Justice said that APT10 had acted in association with the Chinese Ministry of State Security.
Ritesh’s firm follows the activities of some 750 cyber criminals. It monitors nearly 2,000 hacking campaigns using a tool called DeCYFIR. ‘Cyfirma’ however, said it was not yet clear what information APT10 may have accessed from the Indian companies.