New Delhi: Cyber intelligence firm Cyfirma has told Reuters that a Chinese state-backed hacking group APT10, also known as Stone Panda targeted the IT systems of two Indian vaccine makers whose coronavirus shots are being used in the country’s immunization campaign.
Goldman Sachs-backed Cyfirma, based in Singapore and Tokyo identified gaps and vulnerabilities in the IT infrastructure and supply chain software of Bharat Biotech and the Serum Institute of India (SII), the world’s largest vaccine maker.
“The real motivation here is actually exfiltrating intellectual property and getting a competitive advantage over Indian pharmaceutical companies,” said Cyfirma Chief Executive Kumar Ritesh, formerly a top cyber official with British foreign intelligence agency MI6.
“In the case of Serum Institute, they have found a number of their public servers running weak web servers, these are vulnerable web servers,” Ritesh said, referring to the hackers.
“They have spoken about the weak web application, they are also talking about the weak content-management system. It’s quite alarming.”
China’s foreign ministry did not reply to a request for comment.