Cyber ​​intelligence company Cyfirma told Reuters that a Chinese government-backed hacking organization has targeted the IT systems of two Indian vaccine manufacturers in recent weeks that used coronavirus shots in their vaccination campaigns. India produces more than 60% of all vaccines sold worldwide. Goldman Sachs-backed Cyfirma is headquartered in Singapore and Tokyo, and said that the Chinese hacker group APT10 (also known as Stone Panda) has determined the IT infrastructure and supply chain software of Bharat Biotech and Serum Institute of India (SII) Loopholes and loopholes, the world’s largest vaccine manufacturer.

Kumar Ritesh, CEO of Cyfirma, was a senior cyber official of MI6, a British foreign intelligence agency. He said: “The real motivation here is actually to penetrate Indian intellectual property rights and obtain cooperation with Indian pharmaceutical companies. Comparative competitive advantage.” He said that APT10 is actively targeting SII, which is producing AstraZeneca vaccines in many countries/regions and will soon start mass production of Novavax vaccines.

Ritesh said: “As far as the Serum Institute is concerned, they found that many public servers running weak web servers are vulnerable web servers.” “They talked about weak web applications, and they talked about weak content management systems. . This is very shocking.”

The Chinese Ministry of Foreign Affairs did not respond to a request for comment. SII and Bharat Biotech declined to comment.

The office of the director of the state-run Indian Computer Emergency Response Team (CERT) stated that the matter has been handed over to its operations director SS Sarma. Salma told Reuters that CERT is a “legal agency, and we cannot confirm this to the media.” Cyfirma said in a statement that it has notified the CERT authorities and they have acknowledged the threat. Cyfirma said, “They checked and they came back.”

See also  Large insurance company Massmutual invests $100 million in Bitcoin for long-term value

“Our technical analysis and evaluation validated threats and attacks.”

The U.S. Department of Justice stated in 2018 that APT10 has taken action in cooperation with the Chinese Ministry of National Security. Microsoft said in November that it had detected cyberattacks from Russia and North Korea that targeted COVID-19 vaccine companies in India, Canada, France, South Korea and the United States.

According to Reuters, North Korean hackers also tried to break into the systems of British drug maker AstraZeneca. Ritesh’s company tracks the activities of approximately 750 cybercriminals and uses a tool called DeCYFIR to monitor nearly 2,000 hacking activities. He said it is not clear what vaccine-related information the Indian company may have obtained from APT10 . Bharat Biotech’s Covaxin injection, developed in cooperation with the state-run Indian Medical Research Council, will be exported to many countries, including Brazil and the United States.

Pharmaceutical manufacturer Pfizer Inc and its German partner BioNTech SE stated in December that in a cyberattack on European drug regulators, “documents related to the development of its COVID-19 vaccine were illegally obtained”.


Should the government explain why Chinese applications are banned? We discussed on the weekly technical podcast Orbital, you can subscribe via Apple Podcast, Google Podcast or RSS, download the episode, or click the play button below.