Chinese Hackers Target Indian Vaccine Makers SII

Chinese Hackers Target Indian Vaccine Makers SII

A Chinese state-backed hacking group has in recent weeks targeted the IT systems of two Indian vaccine manufacturers whose coronavirus injections are being used in the country’s immunization campaign, cyber intelligence firm Cyfirma said. to Reuters.

Rivals China and India have sold or gifted COVID-19 injections to many countries. India produces more than 60% of all vaccines sold in the world.

Cyfirma, backed by Singapore and Tokyo-based Goldman Sachs, said Chinese hacking group APT10, also known as Stone Panda, had identified gaps and vulnerabilities in Bharat Biotech’s IT infrastructure and supply chain software. and the Serum Institute of India (SII). the world’s largest vaccine manufacturer.

“The real motivation here is actually to exfiltrate intellectual property and gain a competitive advantage over Indian pharmaceutical companies,” said Cyfirma Chief Executive Kumar Ritesh, formerly a senior cyber official at the British foreign intelligence agency MI6.

He said APT10 was actively targeting IBS, which is manufacturing the AstraZeneca vaccine for many countries and will soon start manufacturing Novavax injections in bulk.

“In the case of Serum Institute, they have found several of their public servers running weak web servers, these are vulnerable web servers,” Ritesh said, referring to the hackers.

“They have talked about a weak web application, they are also talking about a weak content management system. It’s quite alarming. ”

China’s Foreign Ministry did not respond to a request for comment. But responding to a question on whether Chinese hackers had a role in the attack on India’s power grid that caused a blackout in Mumbai last year, the ministry said it was a strong advocate for cybersecurity.

“China firmly opposes and cracks down on all forms of cyberattacks,” its embassy in New Delhi said on Twitter, citing the Foreign Ministry. “Speculation and manufacturing have no role to play in the cyber attack.”

SII and Bharat Biotech declined to comment. The office of the director-general of India’s state Computer Emergency Response Team (CERT) said the matter had been turned over to its chief operating officer, SS Sarma.

Sarma told Reuters that CERT was a “legal agency and we cannot confirm this to the media.”

Cyfirma said in a statement that it had informed CERT authorities and that they had recognized the threat.

The US Department of Justice said here in 2018 that APT10 had acted in partnership with China’s Ministry of State Security.

Microsoft said here in November that it had detected cyberattacks from Russia and North Korea targeting vaccine companies in India, Canada, France, South Korea, and the United States. North Korean hackers also tried to break into the systems of British pharmaceutical company AstraZeneca, Reuters reported here.