Hackers reportedly target Indian Covid-19 vaccine makers Serum Institute, Bharat Biotech 

2 March 2021 (Last Updated March 3rd, 2021 14:17)

A Chinese hacking group has reportedly targeted the IT systems of two Indian Covid-19 vaccine makers, the Serum Institute of India and Bharat Biotech, Goldman Sachs-backed cyber intelligence company Cyfirma told Reuters.

Hackers reportedly target Indian Covid-19 vaccine makers Serum Institute, Bharat Biotech 
India and China have sold or donated Covid-19 vaccines to several countries. Credit: Matt Allworth.

A Chinese hacking group has reportedly targeted the IT systems of two Indian Covid-19 vaccine makers, the Serum Institute of India (SII) and Bharat Biotech, cyber intelligence company Cyfirma told Reuters.

Cyfirma said Chinese hacking group APT10, which is also known as Stone Panda, had detected gaps and vulnerabilities in the IT infrastructure and supply chain software of Bharat Biotech and SII.

Cyfirma chief executive Kumar Ritesh was quoted by the news agency as saying: “The real motivation here is actually exfiltrating intellectual property and getting competitive advantage over Indian pharmaceutical companies.

“In the case of Serum Institute, [hackers] have found a number of their public servers running weak web servers, these are vulnerable web servers.”

SII and Bharat Biotech are making shots that are currently used in the country’s Covid-19 vaccination drive.

India and China have sold or donated Covid-19 vaccines to several countries, with India producing over 60% of all vaccines that are marketed globally.

SII is producing the AstraZeneca/Oxford University Covid-19 vaccine for many countries and is set to initiate bulk manufacturing of Novavax’s vaccines soon.

According to the Indian Computer Emergency Response Team (CERT) director-general’s office, the security issue has been passed on to its operations director SS Sarma.

In November 2020, Microsoft identified cyberattacks from Russia and North Korea targeting Covid-19 vaccine firms in India, Canada, France, South Korea and the US.

Reuters reported that North Korean hackers attempted to break into AstraZeneca’s systems.

Cyfirma tracks the activities of about 750 cybercriminals and monitors around 2,000 hacking campaigns with the help of a tool called DeCYFIR.