A Chinese state-backed hacking group has in recent weeks targeted the IT systems of two Indian vaccine makers—Bharat Biotech and Serum Institute of India (SII)—whose coronavirus shots are being used in the country’s immunisation campaign, cyber intelligence firm Cyfirma told news agency Reuters.
China and India have both sold or gifted Covid-19 shots to many countries. India produces more than 60 per cent of all vaccines sold in the world.
Goldman Sachs-backed Cyfirma, based in Singapore and Tokyo, said Chinese hacking group APT10, also known as Stone Panda, had identified gaps and vulnerabilities in the IT infrastructure and supply chain software of Bharat Biotech and SII, the world’s largest vaccine maker.
“The real motivation here is actually exfiltrating intellectual property and getting competitive advantage over Indian pharmaceutical companies,” said Cyfirma Chief Executive Kumar Ritesh, formerly a top cyber official with British foreign intelligence agency MI6.
He said APT10 was actively targeting SII, which is making the AstraZeneca vaccine for many countries and will soon start bulk-manufacturing Novavax shots.
“In the case of Serum Institute, they have found a number of their public servers running weak web servers, these are vulnerable web servers,” Reuters quoted Ritesh as saying, referring to the hackers. “They have spoken about weak web application, they are also talking about weak content-management system. It’s quite alarming.”
SII and Bharat Biotech declined to comment. The government-run Computer Emergency Response Team, with whom Cyfirma said it had shared its findings, had no immediate comment.
The US Department of Justice said in 2018 that APT10 had acted in association with the Chinese Ministry of State Security.
Microsoft said in November that it had detected cyber attacks from Russia and North Korea targeting Covid-19 vaccine companies in India, Canada, France, South Korea and the United States. North Korean hackers also tried to break into the systems of British drugmaker AstraZeneca, Reuters reported.