The Chinese hacking group Stone Panda, also known as APT10, has been identified as responsible for the attacks on Indian vaccine makers, as confirmed by a cybersecurity firm. The hacking group had identified flaws and vulnerabilities in the IT infrastructure and software supply chain of the world's largest vaccine makers, Serum Institute of India (SII) and Bharat Biotech.
China and India have been rivals, as both countries have either sold or gifted COVID-19 vaccine shots to many countries globally. Currently, India produces more than 60% of all the vaccines sold in the world.
It is believed that the Chinese government-sponsored hacking group has in recent weeks targeted the IT systems of the two Indian vaccine makers whose coronavirus vaccine shots are currently being used in the country's immunization campaign.
As mentioned by Kumar Ritesh, a former top cyber official with British intelligence agency MI6, one of the apparent motivations of this attack is exfiltrating private data and intellectual property to get a competitive advantage over the Indian pharmaceutical companies.
APT10 is actively targeting the Serum Institute of India (SII), the maker of the AstraZeneca vaccine that is now being distributed globally, which will soon start mass-producing Novavax shots.
It is believed that the hackers found some SII public web servers that are weak and vulnerable. The servers run either a web application or a content management system. The foreign ministry of China did not comment when asked for a statement on the matter.
In 2018, the US Department of Justice stated that Stone Panda, or APT10, had acted in association with the Chinese Ministry of State Security. In November 2020, Microsoft said that it had detected several cyber-attacks from Russia and North Korea targeting COVID-19 vaccine makers in India, France, Canada, South Korea and the US. Hackers from North Korea had also tried to break into the infrastructure systems of drug maker AstraZeneca.
It is not yet clear which vaccine-related data of the Indian pharmaceutical companies were accessed by the Chinese government-backed hacking group.