Sourced from the net by Tracy Cabrera
SINGAPORE— A cyber intelligence firm based in Singapore has revealed that a Chinese state-backed hacking group has targeted the IT systems of two Indian vaccine makers whose coronavirus shots are being used in the country’s immunization campaign.
According to the cyber firm Cyfirma, rivals Beijing and New Delhi have both sold or gifted Covid-19 vaccines to many countries even as India produces more than 60 percent of all vaccines sold in the world and this may be the reason behind the latest cyber attacks.
The Goldman Sachs-backed Cyfirma said that Chinese hacking group APT10, also known as Stone Panda, had identified gaps and vulnerabilities in the IT infrastructure and supply chain software of Bharat Biotech and the world’s largest vaccine maker Serum Institute of India (SII).
“The real motivation here is actually exfiltrating intellectual property and getting competitive advantage over Indian pharmaceutical companies,” Cyfirma chief executive Kumar Ritesh pointed out.
Ritesh, formerly a top cyber official with British foreign intelligence agency MI6, revealed that APT10 was actively targeting SII, which is making the AstraZeneca vaccine for many countries and will soon start bulk-manufacturing Novavax shots.
“In the case of Serum Institute, they have found a number of their public servers running weak web servers, these are vulnerable web servers,” Ritesh added in reference to the Chinese hackers. “They have spoken about the weak web applications, they are also talking about the weak content-management system. It’s quite alarming.”
China’s foreign Ministry did not reply to a request for comment concerning Cyfirma’s allegations, but responding to a question on whether Chinese hackers had a role in attacking India’s power grid which caused a blackout in Mumbai last year, the ministry said it was a staunch defender of cybersecurity.
“China firmly opposes and cracks down on all forms of cyberattacks. Speculation and fabrication have no role to play on the issue of cyberattacks,” its embassy in New Delhi commented on Twitter, quoting the foreign ministry.
SII and Bharat Biotech declined to comment. The office of the director-general of the state-run Indian Computer Emergency Response Team (CERT) said the matter had been handed to its operations director, S.S. Sarma.
Sarma disclosed that CERT was a “legal agency and we can’t confirm this thing to media.”
Cyfirma said in a statement it had informed CERT authorities and that they had acknowledged the threat.
The U.S. Department of Justice that in 2018 APT10 had acted in association with the Chinese Ministry of State Security.
Ritesh, whose firm follows the activities of some 750 cybercriminals and monitors nearly 2,000 hacking campaigns using a tool called DeCYFIR, said it was not yet clear what information APT10 may have accessed from the Indian companies.
Relations between nuclear-armed neighbors China and India have soured in recent months, especially after 20 Indian and four Chinese soldiers were killed in a Himalayan border fight. (AI/MTVN)