Chinese hackers target Indian vaccine makersPosted On: Mar. 1, 2021 10:35 AM CST
(Reuters) — A Chinese state-backed hacking group has in recent weeks targeted the IT systems of two Indian vaccine makers whose coronavirus shots are being used in the country’s immunization campaign, cyber intelligence company Cyfirma told Reuters.
Rivals China and India have both sold or gifted COVID-19 shots to many countries. India produces more than 60% of all vaccines sold in the world.
Goldman Sachs-backed Cyfirma, based in Singapore and Tokyo, said Chinese hacking group APT10, also known as Stone Panda, had identified gaps and vulnerabilities in the IT infrastructure and supply chain software of Bharat Biotech and the Serum Institute of India (SII), the world's largest vaccine maker.
“The real motivation here is actually exfiltrating intellectual property and getting competitive advantage over Indian pharmaceutical companies,” said Cyfirma CEO Kumar Ritesh, formerly a top cyber official with British foreign intelligence agency MI6.
He said APT10 was actively targeting SII, which is making the AstraZeneca vaccine for many countries and will soon start bulk-manufacturing Novavax shots.
“In the case of Serum Institute, they have found a number of their public servers running weak web servers. These are vulnerable web servers,” Mr. Ritesh said, referring to the hackers.
China's foreign ministry did not reply to a request for comment.
SII and Bharat Biotech declined to comment. The office of the director-general of the state-run Indian Computer Emergency Response Team (CERT) said the matter had been handed to its operations director, S.S. Sarma.
Cyfirma said in a statement it had informed CERT authorities and that they had acknowledged the threat.
More insurance and risk management news on the coronavirus crisis here.