Chinese hackers target vaccine-makers Serum Institute, Biotech: Report

Vaccines made by both these firms are being currently used in ongoing COVID-19 inoculation drive

Representative photo

The IT systems of Indian vaccine-makers, the Serum Institute of India (SII) and Bharat Biotech, were in recent weeks targeted by a Chinese state-backed hacking group, said a Reuters report on Monday quoting cyber intelligence firm Cyfirma.

Vaccines manufactured by both these companies are being currently used in the ongoing COVID-19 inoculation drive. While Serum Institute is manufacturing Oxford-AstraZeneca’s Covishield vaccine, Bharat Biotech is producing the indigenously developed Covaxin.

According to the Singapore and Tokyo-based Cyfirma, the Chinese group that targeted the two pharma firms’ IT systems was APT10, which is also known as Stone Panda. It identified vulnerabilities in the IT infrastructure and supply chain software of the two companies, said Cyfirma, which is backed by Goldman Sachs.

The report quoted the cyber intelligence firm’s chief executive Kumar Ritesh as saying that the real motivation of the Chinese hackers was to illegally extract intellectual property and to get competitive advantage over Indian pharmaceutical companies.

Ritesh, who was formerly a top British intelligence (MI6) official, said SII was being actively targeted by APT10. He said they have found some vulnerable public servers in case of the Serum Institute. “They’ve spoken about weak web application, they are also talking about weak content-management system. It’s quite alarming,” he was quoted as saying.

Related news | India steals a march over China in vaccine diplomacy

The SII is the world’s largest vaccine maker. Over 60% of all vaccines sold in the world are produced in India, which also gifts bulks of them to other countries. China too had sold or gifted COVID-19 vaccines to other nations.

The US justice department had in 2018 found APT10 to be working along with the Chinese ministry of state security. Besides, Russian and North Korean hackers too have been cyber-attacking COVID-19 vaccine-makers in India and other countries, Microsoft had said.