Communist China's hacking group had exploited vulnerabilities in the IT infrastructure and supply chain software of Bharat Biotech and the Serum Institute of India.

The Beijing regime-backed hacking group has in recent weeks targeted the IT systems of two Indian vaccine makers whose coronavirus shots are being used in the country’s immunisation campaign, revealed cyber intelligence firm Cyfirma.

Goldman Sachs-backed Cyfirma, based in Singapore and Tokyo, informed Chinese hacking group APT10, also known as Stone Panda, had identified gaps and vulnerabilities in the IT infrastructure and supply chain software of Bharat Biotech and the Serum Institute of India, the world’s largest vaccine maker.

The real goal was exfiltrating intellectual property and getting competitive advantage over Indian pharmaceutical companies, said Cyfirma Chief Executive Kumar Ritesh, formerly a top cyber official with British foreign intelligence agency MI6.

He said APT10 was actively targeting SII, which is making the AstraZeneca vaccine for many countries and will soon start bulk-manufacturing Novavax shots.


Vulnerable software, weak servers

A number of their public servers were found running vulnerable web servers at the Serum Institute, Mr. Ritesh said, referring to the hackers.
The investigators have spoken about weak web application, they are also talking about weak content-management system. It’s quite alarming, he concluded.

Bharat Biotech’s COVAXIN shot, developed with the state-run Indian Council of Medical Research, will be exported to many countries, including Brazil.

Mr. Ritesh, whose firm follows the activities of some 750 cyber criminals and monitors nearly 2,000 hacking campaigns using a tool called decipher, said it was not yet clear what vaccine-related information APT10 may have accessed from the Indian companies.

In November, Microsoft informed, that it had detected cyber attacks from Russia and North Korea targeting COVID-19 vaccine companies in India, Canada, France, South Korea and the United States.